Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+

124 advisories

Loading
Verification flaw in Solid identity-token-verifier Moderate
GHSA-xmh9-rg6f-j3mr was published for @solid/identity-token-verifier (npm) Mar 12, 2021
When exiting fullscreen mode, an iframe could have confused the browser about the current state... Moderate Unreviewed
CVE-2022-31738 was published Dec 22, 2022
NextAuth.js default redirect callback vulnerable to open redirects Moderate
CVE-2022-24858 was published for next-auth (npm) Apr 22, 2022
rustyguts
Knot Resolver through 5.5.1 may allow DNS cache poisoning when there is an attempt to limit... Moderate Unreviewed
CVE-2022-32983 was published Jun 21, 2022
Incorrect security UI in Downloads in Google Chrome on Android prior to 101.0.4951.41 allowed a... Moderate Unreviewed
CVE-2022-1495 was published Jul 27, 2022
Inappropriate implementation in full screen in Google Chrome on Android prior to 100.0.4896.88... Moderate Unreviewed
CVE-2022-1307 was published Jul 26, 2022
Inappropriate implementation in compositing in Google Chrome prior to 100.0.4896.88 allowed a... Moderate Unreviewed
CVE-2022-1306 was published Jul 26, 2022
Inappropriate implementation in Full Screen Mode in Google Chrome on Android prior to 100.0.4896... Moderate Unreviewed
CVE-2022-1129 was published Jul 24, 2022
An exploitable vulnerability exists in the WiFi management of Circle with Disney. A crafted... Moderate Unreviewed
CVE-2017-12096 was published May 13, 2022
OpenDMARC through 1.3.2 and 1.4.x, when used with pypolicyd-spf 2.0.2, allows attacks that bypass... Moderate Unreviewed
CVE-2019-20790 was published May 24, 2022
Inappropriate implementation in navigation in Google Chrome on iOS prior to 78.0.3904.70 allowed... Moderate Unreviewed
CVE-2019-13708 was published May 24, 2022
Insufficient policy enforcement in the Omnibox in Google Chrome on Android prior to 78.0.3904.70... Moderate Unreviewed
CVE-2019-13703 was published May 24, 2022
Insufficient policy enforcement in navigation in Google Chrome prior to 78.0.3904.70 allowed a... Moderate Unreviewed
CVE-2019-13704 was published May 24, 2022
Incorrect implementation in navigation in Google Chrome prior to 78.0.3904.70 allowed a remote... Moderate Unreviewed
CVE-2019-13701 was published May 24, 2022
Insufficient validation of untrusted input in Omnibox in Google Chrome prior to 78.0.3904.70... Moderate Unreviewed
CVE-2019-13715 was published May 24, 2022
Insufficient policy enforcement in downloads in Google Chrome prior to 78.0.3904.70 allowed a... Moderate Unreviewed
CVE-2019-13709 was published May 24, 2022
Improperly implemented security check in McAfee MVISION Endpoint Detection and Response Client ... Moderate Unreviewed
CVE-2020-7327 was published May 24, 2022
IBM Resilient SOAR V38.0 could allow an attacker on the internal net work to provide the server... Moderate Unreviewed
CVE-2020-4864 was published May 24, 2022
Improperly implemented security check in McAfee Active Response (MAR) prior to 2.4.4 may allow... Moderate Unreviewed
CVE-2020-7326 was published May 24, 2022
A DNS rebinding vulnerability in the UPnP MediaServer implementation in Freebox Server before 4.2.3. Moderate Unreviewed
CVE-2020-24375 was published May 24, 2022
SOOIL Developments Co Ltd DiabecareRS,AnyDana-i & AnyDana-A, the communication protocol of the... Moderate Unreviewed
CVE-2020-27276 was published May 24, 2022
Incorrect security UI in Page Info in Google Chrome on iOS prior to 88.0.4324.96 allowed a remote... Moderate Unreviewed
CVE-2021-21134 was published May 24, 2022
An issue was discovered in Scytl sVote 2.1. Because the IP address from an X-Forwarded-For header... Moderate Unreviewed
CVE-2019-25023 was published May 24, 2022
A malicious extension could have opened a popup window lacking an address bar. The title of the... Moderate Unreviewed
CVE-2021-23984 was published May 24, 2022
SAP NetWeaver Application Server Java(HTTP Service), versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7... Moderate Unreviewed
CVE-2021-21492 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database