Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

61 advisories

Loading
In wifi_item_edit_content of styles.xml , there is a possible FRP bypass due to Missing check for... High Unreviewed
CVE-2024-40650 was published Sep 11, 2024
An improperly implemented security check for standard vulnerability [CWE-358] in FortiADC Web... Low Unreviewed
CVE-2024-36511 was published Sep 10, 2024
Inappropriate implementation in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote... High Unreviewed
CVE-2024-7965 was published Aug 21, 2024
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions ... Low Unreviewed
CVE-2024-41907 was published Aug 13, 2024
Inappropriate implementation in FedCM in Google Chrome prior to 127.0.6533.72 allowed a remote... Critical Unreviewed
CVE-2024-7003 was published Aug 6, 2024
Inappropriate implementation in Fullscreen in Google Chrome on Android prior to 127.0.6533.72... Critical Unreviewed
CVE-2024-6995 was published Aug 6, 2024
Inappropriate implementation in Sign-In in Google Chrome prior to 1.3.36.351 allowed a remote... Moderate Unreviewed
CVE-2024-5500 was published Jul 17, 2024
Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.182 allowed a remote... High Unreviewed
CVE-2024-6773 was published Jul 17, 2024
Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.182 allowed a remote... High Unreviewed
CVE-2024-6772 was published Jul 17, 2024
Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.114 allowed a remote... High Unreviewed
CVE-2024-6101 was published Jun 20, 2024
The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.5. An app... High Unreviewed
CVE-2024-27842 was published May 14, 2024
A vulnerability exists in the RTU500 that allows for authenticated and authorized users to... High Unreviewed
CVE-2024-2617 was published Apr 30, 2024
Inappropriate implementation in Extensions in Google Chrome prior to 124.0.6367.60 allowed a... Moderate Unreviewed
CVE-2024-3844 was published Apr 17, 2024
Inappropriate implementation in Autofill in Google Chrome prior to 124.0.6367.60 allowed an... Moderate Unreviewed
CVE-2024-3838 was published Apr 17, 2024
An issue in Weave Weave Desktop v.7.78.10 allows a local attacker to execute arbitrary code via a... High Unreviewed
CVE-2024-25545 was published Apr 12, 2024
An authentication bypass vulnerability was reported in Lenovo devices with Synaptics fingerprint... Moderate Unreviewed
CVE-2024-23592 was published Apr 5, 2024
Inappropriate implementation in V8 in Google Chrome prior to 122.0.6261.111 allowed a remote... High Unreviewed
CVE-2024-2174 was published Mar 6, 2024
RPyC's missing security check results in code execution when using numpy.array on the server-side. High
CVE-2024-27758 was published for rpyc (pip) Mar 6, 2024
renbou comrumino
Java: DoS Vulnerability in JSON-JAVA High
CVE-2023-5072 was published for org.json:json (Maven) Nov 14, 2023
eamonnmcmanus
vantage6-server node accepts non-whitelisted algorithms from malicious server High
CVE-2023-47631 was published for vantage6-server (pip) Nov 14, 2023
The issue was addressed with improved UI handling. This issue is fixed in iOS 17.1 and iPadOS 17... High Unreviewed
CVE-2023-40445 was published Oct 25, 2023
A non-feature complete authentication mechanism exists in the production application allowing an... Critical Unreviewed
CVE-2023-3266 was published Aug 14, 2023
Parameter verification vulnerability in the installd module. Successful exploitation of this... Critical Unreviewed
CVE-2023-39403 was published Aug 13, 2023
Client Spoofing within the Keycloak Device Authorisation Grant Low
CVE-2023-2585 was published for org.keycloak:keycloak-server-spi-private (Maven) Jun 30, 2023
Zoom for Windows clients prior to 5.14.0 contain an improper restriction of operations within the... Moderate Unreviewed
CVE-2023-28601 was published Jun 13, 2023
ProTip! Advisories are also available from the GraphQL API