Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
22
Go
2,095
Maven
5,000+
npm
3,760
NuGet
678
pip
3,446
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

127 advisories

Loading
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component:... Moderate Unreviewed
CVE-2024-21245 was published Jan 21, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported... Moderate Unreviewed
CVE-2025-21497 was published Jan 21, 2025
Vulnerability in the Oracle Communications Order and Service Management product of Oracle... Moderate Unreviewed
CVE-2025-21542 was published Jan 21, 2025
A ZigBee coordinator, router, or end device may change their node ID when an unsolicited... Moderate Unreviewed
CVE-2024-7322 was published Jan 15, 2025
Stormshield Endpoint Security 2.3.0 through 2.3.2 has Incorrect Access Control: authenticated... Moderate Unreviewed
CVE-2023-23561 was published May 30, 2023
An origin validation error [CWE-346] vulnerability in Fortinet FortiOS IPSec VPN version 7.4.0... Moderate Unreviewed
CVE-2023-46715 was published Jan 14, 2025
Long hostnames in URLs could be leveraged to obscure the actual host of the website or spoof the... Moderate Unreviewed
CVE-2025-23109 was published Jan 11, 2025
Dragging a URL from a cross-origin iframe that was removed during the drag could have led to user... Moderate Unreviewed
CVE-2023-28164 was published Jun 2, 2023
An issue has been discovered in GitLab EE affecting all versions starting from 12.0 before 15.10... Moderate Unreviewed
CVE-2023-2589 was published Jun 7, 2023
An issue found in Yandex Navigator v.6.60 for Android allows unauthorized apps to cause a... Moderate Unreviewed
CVE-2023-29751 was published Jun 9, 2023
An issue found in Facemoji Emoji Keyboard v.2.9.1.2 for Android allows a local attacker to cause... Moderate Unreviewed
CVE-2023-29753 was published Jun 9, 2023
An issue found in Twilight v.13.3 for Android allows unauthorized apps to cause a persistent... Moderate Unreviewed
CVE-2023-29756 was published Jun 9, 2023
A validation integrity issue was discovered in Fort through 1.6.4 before 2.0.0. RPKI manifests... Moderate Unreviewed
CVE-2024-56170 was published Dec 18, 2024
A cookie management issue was addressed with improved state management. This issue is fixed in... Moderate Unreviewed
CVE-2024-44212 was published Dec 12, 2024
This issue was addressed by enabling hardened runtime. This issue is fixed in macOS Sequoia 15.2.... Moderate Unreviewed
CVE-2024-54490 was published Dec 12, 2024
An improper verification vulnerability in the GlobalProtect gateway feature of Palo Alto Networks... Moderate Unreviewed
CVE-2024-0009 was published Feb 14, 2024
A logic issue was addressed with improved restrictions. This issue is fixed in iOS 15.7.2 and... Moderate Unreviewed
CVE-2022-46718 was published Jun 23, 2023
This issue was addressed with improved redaction of sensitive information. This issue is fixed in... Moderate Unreviewed
CVE-2023-28191 was published Jun 23, 2023
This issue was addressed with improved checks to prevent unauthorized actions. This issue is... Moderate Unreviewed
CVE-2022-42860 was published Jun 23, 2023
MSA FieldServer Gateway 5.0.0 through 6.5.2 allows cross-origin WebSocket hijacking. Moderate Unreviewed
CVE-2024-45495 was published Nov 29, 2024
An Improper access control vulnerability in Trend Micro Apex One and Apex One as a Service could... Moderate Unreviewed
CVE-2023-32553 was published Jun 27, 2023
An issue in Instrument Cluster KIA Seltos Software v1.0, Hardware v1.0 allows attackers to cause... Moderate Unreviewed
CVE-2024-51072 was published Nov 22, 2024
An issue in kodbox v.1.52.04 and before allows a remote attacker to obtain sensitive information... Moderate Unreviewed
CVE-2024-51037 was published Nov 15, 2024
The origin of an external protocol handler prompt could have been obscured using a data: URL... Moderate Unreviewed
CVE-2024-10460 was published Oct 29, 2024
Insufficient policy enforcement in Data Transfer in Google Chrome prior to 128.0.6613.84 allowed... Moderate Unreviewed
CVE-2024-7978 was published Aug 21, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database