Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

104 advisories

Loading
The origin of an external protocol handler prompt could have been obscured using a data: URL... Moderate Unreviewed
CVE-2024-10460 was published Oct 29, 2024
A cross-origin issue existed with "iframe" elements. This was addressed with improved tracking of... Moderate Unreviewed
CVE-2024-44187 was published Sep 17, 2024
Insufficient policy enforcement in Data Transfer in Google Chrome prior to 128.0.6613.84 allowed... Moderate Unreviewed
CVE-2024-7978 was published Aug 21, 2024
There is a permissions and access control vulnerability in ZXCLOUD IRAI.An attacker can elevate... Moderate Unreviewed
CVE-2024-22062 was published Jul 9, 2024
Lack of validation of origin in federation API in Conduit, allowing any remote server to... Moderate Unreviewed
CVE-2024-6301 was published Jun 25, 2024
Brocade Web Interface in Brocade Fabric OS v9.x and before v9.2.0 does not properly represent... Moderate Unreviewed
CVE-2023-5973 was published Apr 5, 2024
A flaw was found in the Open Virtual Network (OVN). In OVN clusters where BFD is used between... Moderate Unreviewed
CVE-2024-2182 was published Mar 12, 2024
An unauthenticated remote attacker can perform a remote code execution due to an origin... Moderate Unreviewed
CVE-2024-25996 was published Mar 12, 2024
IBM Cognos Analytics 11.1.7, 11.2.4, and 12.0.0 could be vulnerable to information leakage due to... Moderate Unreviewed
CVE-2023-30996 was published Feb 26, 2024
An unauthenticated attacker can send a ping request from one network to another through an error... Moderate Unreviewed
CVE-2024-24782 was published Feb 13, 2024
Incorrect security UI in Payments in Google Chrome prior to 121.0.6167.85 allowed a remote... Moderate Unreviewed
CVE-2024-0814 was published Jan 24, 2024
A phishing site could have repurposed an `about:` dialog to show phishing content with an... Moderate Unreviewed
CVE-2024-0749 was published Jan 23, 2024
A vulnerability in the AnyConnect SSL VPN feature of Cisco Adaptive Security Appliance (ASA)... Moderate Unreviewed
CVE-2023-20275 was published Dec 12, 2023
Origin Validation Error vulnerability in Zscaler Client Connector on Linux allows Privilege Abuse... Moderate Unreviewed
CVE-2023-28794 was published Nov 6, 2023
Incorrect security UI in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote... Moderate Unreviewed
CVE-2023-5853 was published Nov 1, 2023
Incorrect security UI in Picture In Picture in Google Chrome prior to 119.0.6045.105 allowed a... Moderate Unreviewed
CVE-2023-5859 was published Nov 1, 2023
Inappropriate implementation in Downloads in Google Chrome prior to 119.0.6045.105 allowed a... Moderate Unreviewed
CVE-2023-5851 was published Nov 1, 2023
Inappropriate implementation in WebApp Provider in Google Chrome prior to 119.0.6045.105 allowed... Moderate Unreviewed
CVE-2023-5858 was published Nov 1, 2023
The Vue.js Devtools extension was found to leak screenshot data back to a malicious web page via... Moderate Unreviewed
CVE-2023-5718 was published Oct 23, 2023
The Zscaler Client Connector for macOS prior to 3.6 did not sufficiently validate RPC clients. A... Moderate Unreviewed
CVE-2021-26737 was published Oct 23, 2023
An Origin Validation vulnerability in MAC address validation of Juniper Networks Junos OS... Moderate Unreviewed
CVE-2023-44189 was published Oct 12, 2023
An Origin Validation vulnerability in MAC address validation of Juniper Networks Junos OS... Moderate Unreviewed
CVE-2023-44190 was published Oct 12, 2023
Offscreen Canvas did not properly track cross-origin tainting, which could have been used to... Moderate Unreviewed
CVE-2023-4045 was published Aug 1, 2023
Incorrect security UI in Notifications in Google Chrome on Android prior to 103.0.5060.53 allowed... Moderate Unreviewed
CVE-2022-4917 was published Jul 29, 2023
A missing origin validation in Slate sandbox could be exploited by a malicious user to modify the... Moderate Unreviewed
CVE-2023-30949 was published Jul 26, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database