Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+

124 advisories

Loading
Verification flaw in Solid identity-token-verifier Moderate
GHSA-xmh9-rg6f-j3mr was published for @solid/identity-token-verifier (npm) Mar 12, 2021
Kiali Authentication Bypass vulnerability Moderate
CVE-2021-20278 was published for github.com/kiali/kiali (Go) Jun 1, 2021
Verification check bypass in Gate One Moderate
CVE-2020-19003 was published for gateone (pip) Oct 12, 2021
Skype for Business and Lync Spoofing Vulnerability. Moderate Unreviewed
CVE-2022-26910 was published Apr 16, 2022
NextAuth.js default redirect callback vulnerable to open redirects Moderate
CVE-2022-24858 was published for next-auth (npm) Apr 22, 2022
rustyguts
A URL spoofing vulnerability was found in all international versions of Xiaomi Mi browser 10.5.6... Moderate Unreviewed
CVE-2019-10875 was published Apr 30, 2022
Cache Poisoning issue exists in DNS Response Rate Limiting. Moderate Unreviewed
CVE-2013-5661 was published May 5, 2022
An exploitable vulnerability exists in the WiFi management of Circle with Disney. A crafted... Moderate Unreviewed
CVE-2017-12096 was published May 13, 2022
An exploitable vulnerability exists in the WiFi Access Point feature of Circle with Disney... Moderate Unreviewed
CVE-2017-12095 was published May 13, 2022
IBM WebSphere Application Server 7.0, 8.0, and 8.5.5 installations using Form Login could allow a... Moderate Unreviewed
CVE-2018-1695 was published May 13, 2022
A spoofing vulnerability exists in Microsoft Exchange Server when Outlook Web Access (OWA) fails... Moderate Unreviewed
CVE-2018-8153 was published May 13, 2022
A spoofing vulnerability exists when Microsoft Edge improperly handles specific HTML content, aka... Moderate Unreviewed
CVE-2018-8278 was published May 13, 2022
A spoofing vulnerability exists when Microsoft Edge does not properly parse HTTP content, aka ... Moderate Unreviewed
CVE-2018-8383 was published May 13, 2022
A spoofing vulnerability exists when Microsoft Edge improperly handles specific HTML content, aka... Moderate Unreviewed
CVE-2018-8388 was published May 13, 2022
A spoofing vulnerability exists when Microsoft Edge improperly handles specific HTML content, aka... Moderate Unreviewed
CVE-2018-8425 was published May 13, 2022
In Elastic Cloud Enterprise (ECE) versions prior to 1.1.4 it was discovered that a user could... Moderate Unreviewed
CVE-2018-3829 was published May 13, 2022
Electron vulnerable to URL spoofing via PDFium Moderate
CVE-2017-1000424 was published for Electron (npm) May 13, 2022
jhutchings1
Django WSGI Header Spoofing Vulnerability Moderate
CVE-2015-0219 was published for Django (pip) May 17, 2022
A vulnerability exists in the garbage collection mechanism of atomic-openshift. An attacker able... Moderate Unreviewed
CVE-2019-3884 was published May 24, 2022
A spoofing vulnerability exists when Microsoft Browsers does not properly parse HTTP content, aka... Moderate Unreviewed
CVE-2019-0608 was published May 24, 2022
A spoofing vulnerability exists when Microsoft Browsers improperly handle browser cookies, aka ... Moderate Unreviewed
CVE-2019-1357 was published May 24, 2022
The Wireless Emergency Alerts (WEA) protocol allows remote attackers to spoof a Presidential... Moderate Unreviewed
CVE-2019-18659 was published May 24, 2022
Incorrect implementation in navigation in Google Chrome prior to 78.0.3904.70 allowed a remote... Moderate Unreviewed
CVE-2019-13701 was published May 24, 2022
Insufficient policy enforcement in the Omnibox in Google Chrome on Android prior to 78.0.3904.70... Moderate Unreviewed
CVE-2019-13703 was published May 24, 2022
Inappropriate implementation in navigation in Google Chrome on iOS prior to 78.0.3904.70 allowed... Moderate Unreviewed
CVE-2019-13708 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database