Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,356
Erlang
31
GitHub Actions
22
Go
2,120
Maven
5,000+
npm
3,782
NuGet
683
pip
3,460
Pub
12
RubyGems
893
Rust
892
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

144 advisories

Loading
The device ID is based on IMEI in Forever KidsWatch Call Me KW50 R36_YDR_A3PW_GM7S_V1... Moderate Unreviewed
CVE-2024-36557 was published Feb 6, 2025
Authentication Bypass by Spoofing vulnerability in BestWebSoft Google Captcha allows Identity... Moderate Unreviewed
CVE-2025-24628 was published Jan 27, 2025
Inappropriate implementation in Extensions in Google Chrome prior to 132.0.6834.83 allowed a... Moderate Unreviewed
CVE-2025-0446 was published Jan 15, 2025
Inappropriate implementation in Payments in Google Chrome prior to 132.0.6834.83 allowed a remote... Moderate Unreviewed
CVE-2025-0442 was published Jan 15, 2025
Inappropriate implementation in Fullscreen in Google Chrome on Windows prior to 132.0.6834.83... Moderate Unreviewed
CVE-2025-0440 was published Jan 15, 2025
Race in Frames in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a... Moderate Unreviewed
CVE-2025-0439 was published Jan 15, 2025
Inappropriate implementation in Navigation in Google Chrome on Android prior to 132.0.6834.83... Moderate Unreviewed
CVE-2025-0435 was published Jan 15, 2025
IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 is vulnerable to external service interaction... Moderate Unreviewed
CVE-2022-22364 was published May 3, 2024
An issue has been discovered in GitLab CE/EE affecting all versions before 15.10.8, all versions... Moderate Unreviewed
CVE-2023-2001 was published Jun 7, 2023
Windows NTLM Spoofing Vulnerability. Moderate Unreviewed
CVE-2022-35770 was published Oct 12, 2022
An IDOR vulnerability in the manage-notes.php module in PHPGurukul Online Notes Sharing... Moderate Unreviewed
CVE-2024-55232 was published Dec 19, 2024
Vulnerability of HwWatchHealth being hijacked.Successful exploitation of this vulnerability may... Moderate Unreviewed
CVE-2023-34157 was published Jun 16, 2023
Authentication Bypass by Spoofing vulnerability in Michal Novák Secure Admin IP allows... Moderate Unreviewed
CVE-2023-41133 was published Dec 13, 2024
PAX Technology A930 PayDroid_7.1.1_Virgo_V04.5.02_20220722 allows attackers to compile a... Moderate Unreviewed
CVE-2023-27199 was published Jul 5, 2023
An attacker could cause a select dropdown to be shown over another tab; this could have led to... Moderate Unreviewed
CVE-2024-11692 was published Nov 26, 2024
The incorrect domain may have been displayed in the address bar during an interrupted navigation... Moderate Unreviewed
CVE-2024-11701 was published Nov 26, 2024
In Malwarebytes EDR 1.0.11 for Linux, it is possible to bypass the detection layers that depend... Moderate Unreviewed
CVE-2023-29147 was published Jun 30, 2023
The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.1, macOS... Moderate Unreviewed
CVE-2023-42889 was published Feb 21, 2024
A user who enables full-screen mode on a specially crafted web page could potentially be... Moderate Unreviewed
CVE-2024-9391 was published Oct 1, 2024
An issue in Annonshop.app DecentralizeJustice/ anonymousLocker commit 2b2b4 allows attackers to... Moderate Unreviewed
CVE-2024-36588 was published Jun 13, 2024
Click Studios Passwordstate Core before 9.8 build 9858 allows Authentication Bypass. Moderate Unreviewed
CVE-2024-39337 was published Jun 24, 2024
DESIGNA ABACUS v.18 and before allows an attacker to bypass the payment process via a crafted QR... Moderate Unreviewed
CVE-2024-31802 was published Jun 27, 2024
An issue was discovered in GNOME GLib before 2.78.5, and 2.79.x and 2.80.x before 2.80.1. When a... Moderate Unreviewed
CVE-2024-34397 was published May 7, 2024
Entrust Instant Financial Issuance (On Premise) Software (formerly known as Cardwizard) 6.10.0, 6... Moderate Unreviewed
CVE-2024-39341 was published Sep 23, 2024
HCL DevOps Deploy / HCL Launch does not invalidate session after logout which could allow an... Moderate Unreviewed
CVE-2024-23558 was published Apr 15, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database