GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,237
Erlang: 31
GitHub Actions: 20
Go: 2,000
Maven: 5,000+
npm: 3,711
NuGet: 661
pip: 3,383
Pub: 11
RubyGems: 885
Rust: 849
Swift: 36

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
190 advisories

Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows...
Moderate | Unreviewed | CVE-2017-8530 was published May 13, 2022

Parity Browser 1.6.10 and earlier allows remote attackers to bypass the Same Origin Policy and...
Moderate | Unreviewed | CVE-2017-18016 was published May 13, 2022

The Auto-Maskin products utilize an undocumented custom protocol to set up Modbus communications...
Critical | Unreviewed | CVE-2018-5400 was published May 13, 2022

Accessing, modifying, or executing executable files vulnerability in Microsoft Windows client in...
High | Unreviewed | CVE-2018-6690 was published May 13, 2022

Google Chrome before 18.0.1025.151 allows remote attackers to bypass the Same Origin Policy via...
Moderate | Unreviewed | CVE-2011-3072 was published May 13, 2022

Google Chrome before 18.0.1025.151 allows remote attackers to bypass the Same Origin Policy via...
Moderate | Unreviewed | CVE-2011-3067 was published May 13, 2022

Google Chrome before 17.0.963.83 allows remote attackers to bypass the Same Origin Policy via...
Moderate | Unreviewed | CVE-2011-3056 was published May 13, 2022

The extension implementation in Google Chrome before 17.0.963.46 does not properly handle...
Moderate | Unreviewed | CVE-2011-3956 was published May 13, 2022

Google V8, as used in Google Chrome before 14.0.835.163, allows remote attackers to bypass the...
High | Unreviewed | CVE-2011-2856 was published May 13, 2022

avahi-daemon in Avahi through 0.6.32 and 0.7 inadvertently responds to IPv6 unicast queries with...
Critical | Unreviewed | CVE-2017-6519 was published May 13, 2022

The Web workers implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3,...
High | Unreviewed | CVE-2014-1487 was published May 13, 2022

The (1) WebGL.compressedTexImage2D and (2) WebGL.compressedTexSubImage2D functions in Mozilla...
Moderate | Unreviewed | CVE-2014-1502 was published May 13, 2022

Mozilla Firefox before 16.0.1, Firefox ESR 10.x before 10.0.9, Thunderbird before 16.0.1,...
Moderate | Unreviewed | CVE-2012-4193 was published May 13, 2022

Amazon Fire OS before 5.3.6.4 allows a man-in-the-middle attack against HTTP requests for "Terms...
High | Unreviewed | CVE-2019-7399 was published May 13, 2022

A security feature bypass vulnerability exists when Microsoft Edge improperly handles requests of...
Moderate | Unreviewed | CVE-2018-8235 was published May 13, 2022

A security feature bypass vulnerability exists when Microsoft Edge improperly handles requests of...
Moderate | Unreviewed | CVE-2018-8112 was published May 13, 2022

A cross-origin issue existed with "iframe" elements. This was addressed with improved tracking of...
High | Unreviewed | CVE-2018-4319 was published May 13, 2022

For versions of Apache Knox from 0.2.0 to 0.11.0 - an authenticated user may use a specially...
Moderate | Unreviewed | CVE-2017-5646 was published May 13, 2022

Insufficient origin validation in IndexedDB in Google Chrome prior to 72.0.3626.81 allowed a...
Moderate | Unreviewed | CVE-2019-5773 was published May 13, 2022

An exploitable permanent denial of service vulnerability exists in Insteon Hub running firmware...
High | Unreviewed | CVE-2018-3834 was published May 13, 2022

udev before 1.4.1 does not verify whether a NETLINK message originates from kernel space, which...
High | Unreviewed | CVE-2009-1185 was published May 2, 2022

Dnsmasq before 2.21 allows remote attackers to poison the DNS cache via answers to queries that...
Moderate | Unreviewed | CVE-2005-0877 was published May 1, 2022

By default, DNS servers on Windows NT 4.0 and Windows 2000 Server cache glue records received...
Moderate | Unreviewed | CVE-2001-1452 was published Apr 30, 2022

The default configuration for the domain name resolver for Microsoft Windows 98, NT 4.0, 2000,...
High | Unreviewed | CVE-2000-1218 was published Apr 30, 2022

Lynx 2.x does not properly distinguish between internal and external HTML, which may allow a...
Moderate | Unreviewed | CVE-1999-1549 was published Apr 30, 2022

ProTip! Advisories are also available from the GraphQL API.