GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,230
Composer 4,347
Erlang 31
GitHub Actions 22
Go 2,117
Maven 5,289
npm 3,768
NuGet 680
pip 3,457
Pub 12
RubyGems 892
Rust 888
Swift 38

Unreviewed advisories

All unreviewed 243,675

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

143 advisories

Filter by severity

Sort by

Least recently updated

Insufficient data validation in Downloads in Google Chrome prior to 124.0.6367.60 allowed a... Moderate Unreviewed

CVE-2024-3843 was published Apr 17, 2024

An issue in Typora v.1.8.10 and before, allows a local attacker to obtain sensitive information... Moderate Unreviewed

CVE-2024-31784 was published Apr 16, 2024

HCL DevOps Deploy / HCL Launch does not invalidate session after logout which could allow an... Moderate Unreviewed

CVE-2024-23558 was published Apr 15, 2024

A vulnerability has been identified in SCALANCE W1748-1 M12 (6GK5748-1GY01-0AA0), SCALANCE W1748... Moderate Unreviewed

CVE-2024-30190 was published Apr 9, 2024

A vulnerability has been identified in SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0) (All versions),... Moderate Unreviewed

CVE-2024-30189 was published Apr 9, 2024

An issue was discovered in WUZHICMS version 4.1.0, allows an attacker to execute arbitrary code... Moderate Unreviewed

CVE-2024-31008 was published Apr 3, 2024

In JetBrains YouTrack before 2024.1.25893 creation comments on behalf of an arbitrary user in... Moderate Unreviewed

CVE-2024-28228 was published Mar 7, 2024

The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.1, macOS... Moderate Unreviewed

CVE-2023-42889 was published Feb 21, 2024

Authentication Bypass by Spoofing vulnerability in Snow Software Snow Inventory Agent on Windows... Moderate Unreviewed

CVE-2023-7169 was published Feb 8, 2024

A privilege escalation vulnerability was reported in Lenovo Vantage that could allow a local... Moderate Unreviewed

CVE-2023-6044 was published Jan 19, 2024

An authentication bypass flaw was found in GRUB due to the way that GRUB uses the UUID of a... Moderate Unreviewed

CVE-2023-4001 was published Jan 15, 2024

ELAN Match-on-Chip FPR solution has design fault about potential risk of valid SID leakage and... Moderate Unreviewed

CVE-2024-0454 was published Jan 12, 2024

Multiple vulnerabilities in the per-user-override feature of Cisco Adaptive Security Appliance ... Moderate Unreviewed

CVE-2023-20256 was published Nov 1, 2023

Multiple vulnerabilities in the per-user-override feature of Cisco Adaptive Security Appliance ... Moderate Unreviewed

CVE-2023-20245 was published Nov 1, 2023

Multiple Cisco products are affected by a vulnerability in Snort access control policies that... Moderate Unreviewed

CVE-2023-20246 was published Nov 1, 2023

An authentication bypass by spoofing of a device with a synthetic IP address is possible in... Moderate Unreviewed

CVE-2023-28803 was published Oct 23, 2023

The DoLogin Security WordPress plugin before 3.7 uses headers such as the X-Forwarded-For to... Moderate Unreviewed

CVE-2023-4631 was published Sep 25, 2023

This Activity Log WordPress plugin before 2.8.8 retrieves client IP addresses from potentially... Moderate Unreviewed

CVE-2023-4281 was published Sep 25, 2023

The User Access Manager WordPress plugin before 2.2.18 prioritizes getting a visitor's IP from... Moderate Unreviewed

CVE-2022-1601 was published Aug 30, 2023

The foundry campaigns service was found to be vulnerable to an unauthenticated information... Moderate Unreviewed

CVE-2023-30950 was published Aug 4, 2023

PAX Technology A930 PayDroid_7.1.1_Virgo_V04.5.02_20220722 allows attackers to compile a... Moderate Unreviewed

CVE-2023-27199 was published Jul 5, 2023

In Malwarebytes EDR 1.0.11 for Linux, it is possible to bypass the detection layers that depend... Moderate Unreviewed

CVE-2023-29147 was published Jun 30, 2023

Vulnerability of spoofing trustlists of Huawei desktop.Successful exploitation of this... Moderate Unreviewed

CVE-2023-34160 was published Jun 19, 2023

Vulnerability of spoofing trustlists of Huawei desktop.Successful exploitation of this... Moderate Unreviewed

CVE-2023-34158 was published Jun 19, 2023

Vulnerability of spoofing trustlists of Huawei desktop.Successful exploitation of this... Moderate Unreviewed

CVE-2023-34167 was published Jun 19, 2023

Previous 1 2 3 4 5 6 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

143 advisories