Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,055
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,605
NuGet
638
pip
3,208
Pub
10
RubyGems
852
Rust
816
Swift
35
Unreviewed advisories
All unreviewed
5,000+

14 advisories

Loading
Microsoft Teams for iOS Spoofing Vulnerability Moderate Unreviewed
CVE-2024-38197 was published Aug 13, 2024
The date picker could partially obscure security prompts. This could be used by a malicious site... High Unreviewed
CVE-2024-7529 was published Aug 6, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 11.8 prior to 16.11... Low Unreviewed
CVE-2024-6595 was published Jul 17, 2024
Inappropriate implementation in Picture in Picture in Google Chrome prior to 119.0.6045.105... Moderate Unreviewed
CVE-2023-7011 was published Jul 17, 2024
Windows MSHTML Platform Spoofing Vulnerability High Unreviewed
CVE-2024-38112 was published Jul 9, 2024
Microsoft Edge (Chromium-based) Spoofing Vulnerability Moderate Unreviewed
CVE-2024-38082 was published Jun 20, 2024
Microsoft Edge (Chromium-based) Spoofing Vulnerability Moderate Unreviewed
CVE-2024-38093 was published Jun 20, 2024
Microsoft Edge (Chromium-based) Spoofing Vulnerability Moderate Unreviewed
CVE-2024-30055 was published May 14, 2024
In multiple functions of NotificationManagerService.java, there is a possible way to not show a... Critical Unreviewed
CVE-2024-23708 was published May 7, 2024
IBM PowerSC 1.3, 2.0, and 2.1 could allow a remote attacker to hijack the clicking action of the... Moderate Unreviewed
CVE-2023-50938 was published Feb 2, 2024
A flaw was found in Quay. Clickjacking is when an attacker uses multiple transparent or opaque... Moderate Unreviewed
CVE-2023-4956 was published Nov 7, 2023
A vulnerability, which was classified as problematic, has been found in SourceCodester Gym... Moderate Unreviewed
CVE-2022-2800 was published Aug 13, 2022
An attacker could trick a user of Hitachi ABB Power Grids Ellipse Enterprise Asset Management ... Moderate Unreviewed
CVE-2021-27414 was published Mar 12, 2022
Improper CSP in Image Optimization API for Next.js versions between 10.0.0 and 12.1.0 Moderate
CVE-2022-23646 was published for next (npm) Feb 17, 2022
ProTip! Advisories are also available from the GraphQL API