GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
135 advisories
Filter by severity
Skype for Business and Lync Spoofing Vulnerability.
Moderate
Unreviewed
CVE-2022-26910
was published
Apr 16, 2022
A URL spoofing vulnerability was found in all international versions of Xiaomi Mi browser 10.5.6...
Moderate
Unreviewed
CVE-2019-10875
was published
Apr 30, 2022
Cache Poisoning issue exists in DNS Response Rate Limiting.
Moderate
Unreviewed
CVE-2013-5661
was published
May 5, 2022
An exploitable vulnerability exists in the WiFi management of Circle with Disney. A crafted...
Moderate
Unreviewed
CVE-2017-12096
was published
May 13, 2022
An exploitable vulnerability exists in the WiFi Access Point feature of Circle with Disney...
Moderate
Unreviewed
CVE-2017-12095
was published
May 13, 2022
IBM WebSphere Application Server 7.0, 8.0, and 8.5.5 installations using Form Login could allow a...
Moderate
Unreviewed
CVE-2018-1695
was published
May 13, 2022
A spoofing vulnerability exists in Microsoft Exchange Server when Outlook Web Access (OWA) fails...
Moderate
Unreviewed
CVE-2018-8153
was published
May 13, 2022
A spoofing vulnerability exists when Microsoft Edge improperly handles specific HTML content, aka...
Moderate
Unreviewed
CVE-2018-8278
was published
May 13, 2022
A spoofing vulnerability exists when Microsoft Edge does not properly parse HTTP content, aka ...
Moderate
Unreviewed
CVE-2018-8383
was published
May 13, 2022
A spoofing vulnerability exists when Microsoft Edge improperly handles specific HTML content, aka...
Moderate
Unreviewed
CVE-2018-8388
was published
May 13, 2022
A spoofing vulnerability exists when Microsoft Edge improperly handles specific HTML content, aka...
Moderate
Unreviewed
CVE-2018-8425
was published
May 13, 2022
In Elastic Cloud Enterprise (ECE) versions prior to 1.1.4 it was discovered that a user could...
Moderate
Unreviewed
CVE-2018-3829
was published
May 13, 2022
A vulnerability exists in the garbage collection mechanism of atomic-openshift. An attacker able...
Moderate
Unreviewed
CVE-2019-3884
was published
May 24, 2022
A spoofing vulnerability exists when Microsoft Browsers does not properly parse HTTP content, aka...
Moderate
Unreviewed
CVE-2019-0608
was published
May 24, 2022
A spoofing vulnerability exists when Microsoft Browsers improperly handle browser cookies, aka ...
Moderate
Unreviewed
CVE-2019-1357
was published
May 24, 2022
The Wireless Emergency Alerts (WEA) protocol allows remote attackers to spoof a Presidential...
Moderate
Unreviewed
CVE-2019-18659
was published
May 24, 2022
Incorrect implementation in navigation in Google Chrome prior to 78.0.3904.70 allowed a remote...
Moderate
Unreviewed
CVE-2019-13701
was published
May 24, 2022
Inappropriate implementation in navigation in Google Chrome on iOS prior to 78.0.3904.70 allowed...
Moderate
Unreviewed
CVE-2019-13708
was published
May 24, 2022
Insufficient policy enforcement in the Omnibox in Google Chrome on Android prior to 78.0.3904.70...
Moderate
Unreviewed
CVE-2019-13703
was published
May 24, 2022
Insufficient policy enforcement in navigation in Google Chrome prior to 78.0.3904.70 allowed a...
Moderate
Unreviewed
CVE-2019-13704
was published
May 24, 2022
Insufficient validation of untrusted input in Omnibox in Google Chrome prior to 78.0.3904.70...
Moderate
Unreviewed
CVE-2019-13715
was published
May 24, 2022
Insufficient policy enforcement in downloads in Google Chrome prior to 78.0.3904.70 allowed a...
Moderate
Unreviewed
CVE-2019-13709
was published
May 24, 2022
OpenDMARC through 1.3.2 and 1.4.x, when used with pypolicyd-spf 2.0.2, allows attacks that bypass...
Moderate
Unreviewed
CVE-2019-20790
was published
May 24, 2022
OpenDMARC through 1.3.2 and 1.4.x allows attacks that inject authentication results to provide...
Moderate
Unreviewed
CVE-2020-12272
was published
May 24, 2022
Multiple products that implement the IP Encapsulation within IP standard (RFC 2003, STD 1)...
Moderate
Unreviewed
CVE-2020-10136
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API