GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
55 advisories
The Client secret is not checked when using the OAuth Password grant type.
By exploiting this...
Low · Unreviewed · CVE-2024-12056 was published Dec 4, 2024
An improper neutralization of special elements in output used by a downstream component (...
Moderate · Unreviewed · CVE-2024-33510 was published Nov 12, 2024
In wifi_item_edit_content of styles.xml, there is a possible FRP bypass due to Missing check for...
High · Unreviewed · CVE-2024-40650 was published Sep 11, 2024
An improperly implemented security check for standard vulnerability [CWE-358] in FortiADC Web...
Low · Unreviewed · CVE-2024-36511 was published Sep 10, 2024
Inappropriate implementation in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote...
High · Unreviewed · CVE-2024-7965 was published Aug 21, 2024
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions ...
Low · Unreviewed · CVE-2024-41907 was published Aug 13, 2024
Inappropriate implementation in FedCM in Google Chrome prior to 127.0.6533.72 allowed a remote...
Critical · Unreviewed · CVE-2024-7003 was published Aug 6, 2024
Inappropriate implementation in Fullscreen in Google Chrome on Android prior to 127.0.6533.72...
Critical · Unreviewed · CVE-2024-6995 was published Aug 6, 2024
Inappropriate implementation in Sign-In in Google Chrome prior to 1.3.36.351 allowed a remote...
Moderate · Unreviewed · CVE-2024-5500 was published Jul 17, 2024
Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.182 allowed a remote...
High · Unreviewed · CVE-2024-6773 was published Jul 17, 2024
Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.182 allowed a remote...
High · Unreviewed · CVE-2024-6772 was published Jul 17, 2024
Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.114 allowed a remote...
High · Unreviewed · CVE-2024-6101 was published Jun 20, 2024
The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.5. An app...
High · Unreviewed · CVE-2024-27842 was published May 14, 2024
A vulnerability exists in the RTU500 that allows for authenticated and authorized users to...
High · Unreviewed · CVE-2024-2617 was published Apr 30, 2024
Inappropriate implementation in Autofill in Google Chrome prior to 124.0.6367.60 allowed an...
Moderate · Unreviewed · CVE-2024-3838 was published Apr 17, 2024
Inappropriate implementation in Extensions in Google Chrome prior to 124.0.6367.60 allowed a...
Moderate · Unreviewed · CVE-2024-3844 was published Apr 17, 2024
Inappropriate implementation in Networks in Google Chrome prior to 124.0.6367.60 allowed a remote...
Critical · Unreviewed · CVE-2024-3845 was published Apr 17, 2024
An issue in Weave Weave Desktop v.7.78.10 allows a local attacker to execute arbitrary code via a...
High · Unreviewed · CVE-2024-25545 was published Apr 12, 2024
An authentication bypass vulnerability was reported in Lenovo devices with Synaptics fingerprint...
Moderate · Unreviewed · CVE-2024-23592 was published Apr 5, 2024
Inappropriate implementation in V8 in Google Chrome prior to 122.0.6261.111 allowed a remote...
High · Unreviewed · CVE-2024-2174 was published Mar 6, 2024
The issue was addressed with improved UI handling. This issue is fixed in iOS 17.1 and iPadOS 17...
High · Unreviewed · CVE-2023-40445 was published Oct 25, 2023
A non-feature complete authentication mechanism exists in the production application allowing an...
Critical · Unreviewed · CVE-2023-3266 was published Aug 14, 2023
Parameter verification vulnerability in the installd module. Successful exploitation of this...
Critical · Unreviewed · CVE-2023-39403 was published Aug 13, 2023
Zoom for Windows clients prior to 5.14.0 contain an improper restriction of operations within the...
Moderate · Unreviewed · CVE-2023-28601 was published Jun 13, 2023
The DeepL Pro API translation plugin WordPress plugin before 1.7.5 discloses sensitive...
High · Unreviewed · CVE-2022-3691 was published Nov 21, 2022
ProTip! Advisories are also available from the GraphQL API.