Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

216 advisories

Loading
A same-origin policy violation allowing the theft of cross-origin URL entries when using the... Moderate Unreviewed
CVE-2018-18494 was published May 14, 2022
util/virlog.c in libvirt does not properly determine the hostname on LXC container startup, which... High Unreviewed
CVE-2018-6764 was published May 13, 2022
The Grammarly extension before 2018-02-02 for Chrome allows remote attackers to discover... High Unreviewed
CVE-2018-6654 was published May 13, 2022
A missing origin check related to HLS manifests in Blink in Google Chrome prior to 69.0.3497.81... Moderate Unreviewed
CVE-2018-16072 was published May 13, 2022
The internal WebBrowserPersist code does not use correct origin context for a resource being... Moderate Unreviewed
CVE-2018-12402 was published May 13, 2022
An issue was discovered on Accellion FTA devices before FTA_9_12_180. By sending a POST request... High Unreviewed
CVE-2017-8793 was published May 13, 2022
Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to exploit a security feature... Moderate Unreviewed
CVE-2017-8650 was published May 13, 2022
Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows... Moderate Unreviewed
CVE-2017-8523 was published May 13, 2022
Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows... Moderate Unreviewed
CVE-2017-8530 was published May 13, 2022
Parity Browser 1.6.10 and earlier allows remote attackers to bypass the Same Origin Policy and... Moderate Unreviewed
CVE-2017-18016 was published May 13, 2022
RubyGems has Origin Validation Error vulnerability High
CVE-2017-0902 was published for rubygems-update (RubyGems) May 13, 2022
The Auto-Maskin products utilize an undocumented custom protocol to set up Modbus communications... Critical Unreviewed
CVE-2018-5400 was published May 13, 2022
Accessing, modifying, or executing executable files vulnerability in Microsoft Windows client in... High Unreviewed
CVE-2018-6690 was published May 13, 2022
Google Chrome before 18.0.1025.151 allows remote attackers to bypass the Same Origin Policy via... Moderate Unreviewed
CVE-2011-3072 was published May 13, 2022
Google Chrome before 18.0.1025.151 allows remote attackers to bypass the Same Origin Policy via... Moderate Unreviewed
CVE-2011-3067 was published May 13, 2022
Google Chrome before 17.0.963.83 allows remote attackers to bypass the Same Origin Policy via... Moderate Unreviewed
CVE-2011-3056 was published May 13, 2022
The extension implementation in Google Chrome before 17.0.963.46 does not properly handle... Moderate Unreviewed
CVE-2011-3956 was published May 13, 2022
Google V8, as used in Google Chrome before 14.0.835.163, allows remote attackers to bypass the... High Unreviewed
CVE-2011-2856 was published May 13, 2022
avahi-daemon in Avahi through 0.6.32 and 0.7 inadvertently responds to IPv6 unicast queries with... Critical Unreviewed
CVE-2017-6519 was published May 13, 2022
The Web workers implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3,... High Unreviewed
CVE-2014-1487 was published May 13, 2022
The (1) WebGL.compressedTexImage2D and (2) WebGL.compressedTexSubImage2D functions in Mozilla... Moderate Unreviewed
CVE-2014-1502 was published May 13, 2022
Mozilla Firefox before 16.0.1, Firefox ESR 10.x before 10.0.9, Thunderbird before 16.0.1,... Moderate Unreviewed
CVE-2012-4193 was published May 13, 2022
HashiCorp Consul vulnerable to Origin Validation Error High
CVE-2019-9764 was published for github.com/hashicorp/consul (Go) May 13, 2022
Amazon Fire OS before 5.3.6.4 allows a man-in-the-middle attack against HTTP requests for "Terms... High Unreviewed
CVE-2019-7399 was published May 13, 2022
A security feature bypass vulnerability exists when Microsoft Edge improperly handles requests of... Moderate Unreviewed
CVE-2018-8235 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API