GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
147 advisories
Filter by severity
A spoofing vulnerability exists when Microsoft Browsers improperly handle browser cookies, aka ...
Moderate
Unreviewed
CVE-2019-1357
was published
May 24, 2022
A spoofing vulnerability exists when Microsoft Browsers does not properly parse HTTP content, aka...
Moderate
Unreviewed
CVE-2019-0608
was published
May 24, 2022
A vulnerability exists in the garbage collection mechanism of atomic-openshift. An attacker able...
Moderate
Unreviewed
CVE-2019-3884
was published
May 24, 2022
Django WSGI Header Spoofing Vulnerability
Moderate
CVE-2015-0219
was published
for
Django
(pip)
May 17, 2022
Electron vulnerable to URL spoofing via PDFium
Moderate
CVE-2017-1000424
was published
for
Electron
(npm)
May 13, 2022
In Elastic Cloud Enterprise (ECE) versions prior to 1.1.4 it was discovered that a user could...
Moderate
Unreviewed
CVE-2018-3829
was published
May 13, 2022
A spoofing vulnerability exists when Microsoft Edge improperly handles specific HTML content, aka...
Moderate
Unreviewed
CVE-2018-8425
was published
May 13, 2022
A spoofing vulnerability exists when Microsoft Edge improperly handles specific HTML content, aka...
Moderate
Unreviewed
CVE-2018-8388
was published
May 13, 2022
A spoofing vulnerability exists when Microsoft Edge does not properly parse HTTP content, aka ...
Moderate
Unreviewed
CVE-2018-8383
was published
May 13, 2022
A spoofing vulnerability exists when Microsoft Edge improperly handles specific HTML content, aka...
Moderate
Unreviewed
CVE-2018-8278
was published
May 13, 2022
A spoofing vulnerability exists in Microsoft Exchange Server when Outlook Web Access (OWA) fails...
Moderate
Unreviewed
CVE-2018-8153
was published
May 13, 2022
IBM WebSphere Application Server 7.0, 8.0, and 8.5.5 installations using Form Login could allow a...
Moderate
Unreviewed
CVE-2018-1695
was published
May 13, 2022
An exploitable vulnerability exists in the WiFi Access Point feature of Circle with Disney...
Moderate
Unreviewed
CVE-2017-12095
was published
May 13, 2022
An exploitable vulnerability exists in the WiFi management of Circle with Disney. A crafted...
Moderate
Unreviewed
CVE-2017-12096
was published
May 13, 2022
Cache Poisoning issue exists in DNS Response Rate Limiting.
Moderate
Unreviewed
CVE-2013-5661
was published
May 5, 2022
A URL spoofing vulnerability was found in all international versions of Xiaomi Mi browser 10.5.6...
Moderate
Unreviewed
CVE-2019-10875
was published
Apr 30, 2022
NextAuth.js default redirect callback vulnerable to open redirects
Moderate
CVE-2022-24858
was published
for
next-auth
(npm)
Apr 22, 2022
Skype for Business and Lync Spoofing Vulnerability.
Moderate
Unreviewed
CVE-2022-26910
was published
Apr 16, 2022
Verification check bypass in Gate One
Moderate
CVE-2020-19003
was published
for
gateone
(pip)
Oct 12, 2021
Kiali Authentication Bypass vulnerability
Moderate
CVE-2021-20278
was published
for
github.com/kiali/kiali
(Go)
Jun 1, 2021
Verification flaw in Solid identity-token-verifier
Moderate
GHSA-xmh9-rg6f-j3mr
was published
for
@solid/identity-token-verifier
(npm)
Mar 12, 2021
2FA bypass in Wagtail through new device path
Moderate
CVE-2019-16766
was published
for
wagtail-2fa
(pip)
Nov 29, 2019
ProTip!
Advisories are also available from the
GraphQL API