Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,466
Erlang
33
GitHub Actions
23
Go
2,166
Maven
5,000+
npm
3,830
NuGet
696
pip
3,508
Pub
12
RubyGems
910
Rust
906
Swift
38
Unreviewed advisories
All unreviewed
5,000+

48 advisories

Loading
Inappropriate implementation in UI in Google Chrome prior to 124.0.6367.60 allowed a remote... Moderate Unreviewed
CVE-2024-7019 was published Sep 24, 2024
Inappropriate implementation in Navigation in Google Chrome prior to 113.0.5672.63 allowed a... Moderate Unreviewed
CVE-2023-7282 was published Sep 24, 2024
Inappropriate implementation in Compositing in Google Chrome prior to 119.0.6045.105 allowed a... Moderate Unreviewed
CVE-2023-7281 was published Sep 24, 2024
Windows MSHTML Platform Spoofing Vulnerability High Unreviewed
CVE-2024-43461 was published Sep 10, 2024
Microsoft Teams for iOS Spoofing Vulnerability Moderate Unreviewed
CVE-2024-38197 was published Aug 13, 2024
Inappropriate implementation in FedCM in Google Chrome prior to 127.0.6533.72 allowed a remote... Moderate Unreviewed
CVE-2024-6999 was published Aug 6, 2024
The date picker could partially obscure security prompts. This could be used by a malicious site... High Unreviewed
CVE-2024-7529 was published Aug 6, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 11.8 prior to 16.11... Low Unreviewed
CVE-2024-6595 was published Jul 17, 2024
Inappropriate implementation in Picture in Picture in Google Chrome prior to 119.0.6045.105... Moderate Unreviewed
CVE-2023-7011 was published Jul 17, 2024
Windows MSHTML Platform Spoofing Vulnerability High Unreviewed
CVE-2024-38112 was published Jul 9, 2024
Microsoft Edge (Chromium-based) Spoofing Vulnerability Moderate Unreviewed
CVE-2024-38082 was published Jun 20, 2024
Microsoft Edge (Chromium-based) Spoofing Vulnerability Moderate Unreviewed
CVE-2024-38093 was published Jun 20, 2024
In certain scenarios a malicious website could attempt to display a fake location URL bar which... Moderate Unreviewed
CVE-2024-38313 was published Jun 13, 2024
By manipulating the fullscreen feature while opening a data-list, an attacker could have overlaid... Moderate Unreviewed
CVE-2024-5698 was published Jun 11, 2024
Microsoft Edge (Chromium-based) Spoofing Vulnerability Moderate Unreviewed
CVE-2024-30055 was published May 14, 2024
In multiple functions of NotificationManagerService.java, there is a possible way to not show a... Critical Unreviewed
CVE-2024-23708 was published May 7, 2024
IBM PowerSC 1.3, 2.0, and 2.1 could allow a remote attacker to hijack the clicking action of the... Moderate Unreviewed
CVE-2023-50938 was published Feb 2, 2024
A flaw was found in Quay. Clickjacking is when an attacker uses multiple transparent or opaque... Moderate Unreviewed
CVE-2023-4956 was published Nov 7, 2023
Inappropriate implementation in Picture In Picture in Google Chrome prior to 114.0.5735.90... Moderate Unreviewed
CVE-2023-2937 was published May 31, 2023
Inappropriate implementation in Extensions API in Google Chrome prior to 114.0.5735.90 allowed an... Moderate Unreviewed
CVE-2023-2941 was published May 31, 2023
A vulnerability, which was classified as problematic, has been found in SourceCodester Gym... Moderate Unreviewed
CVE-2022-2800 was published Aug 13, 2022
An attacker could trick a user of Hitachi ABB Power Grids Ellipse Enterprise Asset Management ... Moderate Unreviewed
CVE-2021-27414 was published Mar 12, 2022
Improper CSP in Image Optimization API for Next.js versions between 10.0.0 and 12.1.0 Moderate
CVE-2022-23646 was published for next (npm) Feb 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database