Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

15 advisories

Loading
IBM Spectrum Protect Plus 10.1.0.0 through 10.1.8.x uses Cross-Origin Resource Sharing (CORS)... Critical Unreviewed
CVE-2021-39063 was published Dec 14, 2021
glFusion CMS v1.7.9 is affected by an arbitrary user impersonation vulnerability in /public_html... Critical Unreviewed
CVE-2021-44935 was published Dec 15, 2021
avahi-daemon in Avahi through 0.6.32 and 0.7 inadvertently responds to IPv6 unicast queries with... Critical Unreviewed
CVE-2017-6519 was published May 13, 2022
The Auto-Maskin products utilize an undocumented custom protocol to set up Modbus communications... Critical Unreviewed
CVE-2018-5400 was published May 13, 2022
WebExtensions with the "ActiveTab" permission are able to access frames hosted within the active... Critical Unreviewed
CVE-2018-5116 was published May 14, 2022
In the getHost() function of UriTest.java, there is the possibility of incorrect web origin... Critical Unreviewed
CVE-2017-13274 was published May 14, 2022
The PrinterLogic Print Management software, versions up to and including 18.3.1.96, updates and... Critical Unreviewed
CVE-2018-5409 was published May 24, 2022
A security vulnerability exists in the Zingbox Inspector versions 1.293 and earlier, that could... Critical Unreviewed
CVE-2019-15020 was published May 24, 2022
The vulnerability causing from insufficient verification procedures for downloaded files during... Critical Unreviewed
CVE-2022-23764 was published Aug 18, 2022
A vulnerability was found in lukehutch Gribbit. It has been classified as problematic. Affected... Critical Unreviewed
CVE-2014-125071 was published Jan 9, 2023
An issue was discovered in Gitpod versions prior to release-2022.11.2.16. There is a Cross-Site... Critical Unreviewed
CVE-2023-0957 was published Jul 6, 2023
cashIT! - serving solutions. Devices from "PoS/ Dienstleistung, Entwicklung & Vertrieb GmbH" to... Critical Unreviewed
CVE-2023-3654 was published Oct 3, 2023
The Kossy module before 0.60 for Perl allows JSON hijacking because of X-Requested-With mishandling. Critical Unreviewed
CVE-2021-47157 was published Mar 18, 2024
Gnuboard g6 6.0.7 is vulnerable to Session hijacking due to a CORS misconfiguration. Critical Unreviewed
CVE-2024-41475 was published Aug 12, 2024
A compromised content process could have allowed for the arbitrary loading of cross-origin pages.... Critical Unreviewed
CVE-2024-9392 was published Oct 1, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database