Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

66 advisories

Loading
Microsoft Edge for iOS Spoofing Vulnerability High Unreviewed
CVE-2021-43220 was published Nov 25, 2021
Windows AppX Installer Spoofing Vulnerability High Unreviewed
CVE-2021-43890 was published Dec 16, 2021
A DNS rebinding issue in ReadyMedia (formerly MiniDLNA) before 1.3.1 allows a remote web server... High Unreviewed
CVE-2022-26505 was published Mar 7, 2022
The web interface on the snom VoIP phones snom 300, snom 320, snom 360, snom 370, and snom 820... High Unreviewed
CVE-2009-1048 was published May 2, 2022
An authentication bypass vulnerability exists in the libxm_av.so getpeermac() functionality of... High Unreviewed
CVE-2022-25989 was published May 6, 2022
Windows LSA Spoofing Vulnerability. High Unreviewed
CVE-2022-26925 was published May 11, 2022
Authentication Bypass by Spoofing vulnerability in ECOS System Management Appliance (aka SMA) 5.2... High Unreviewed
CVE-2018-12331 was published May 13, 2022
SAP NetWeaver Process Integration (Adapter Engine), fixed in versions 7.10 to 7.11, 7.30, 7.31, 7... High Unreviewed
CVE-2019-0283 was published May 13, 2022
MetInfo through 5.3.17 accepts the same CAPTCHA response for 120 seconds, which makes it easier... High Unreviewed
CVE-2017-11717 was published May 13, 2022
A localhost.localdomain whitelist entry in valid_host() in scheduler/client.c in CUPS before 2.2... High Unreviewed
CVE-2017-18190 was published May 13, 2022
An issue was discovered in Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and... High Unreviewed
CVE-2017-6405 was published May 13, 2022
KDE kdelibs before 4.14.32 and KAuth before 5.34 allow local users to gain root privileges by... High Unreviewed
CVE-2017-8422 was published May 13, 2022
MailMate before 1.11.3 mishandles a suspicious HTML/MIME structure in a signed/encrypted email. High Unreviewed
CVE-2018-15588 was published May 13, 2022
OpenDMARC through 1.3.2 and 1.4.x through 1.4.0-Beta1 is prone to a signature-bypass... High Unreviewed
CVE-2019-16378 was published May 24, 2022
A security vulnerability exists in Zingbox Inspector versions 1.294 and earlier, that allows for... High Unreviewed
CVE-2019-15022 was published May 24, 2022
OpenAsset Digital Asset Management (DAM) through 12.0.19 does not correctly determine the HTTP... High Unreviewed
CVE-2020-28856 was published May 24, 2022
An authentication bypass vulnerability in the Juniper Networks Paragon Active Assurance Control... High Unreviewed
CVE-2021-0232 was published May 24, 2022
Pax Technology PAXSTORE v7.0.8_20200511171508 and lower is affected by a token spoofing... High Unreviewed
CVE-2020-36128 was published May 24, 2022
If exploited, this vulnerability allows an attacker to access resources which are not otherwise... High Unreviewed
CVE-2021-28810 was published May 24, 2022
ThroughTek's Kalay Platform 2.0 network allows an attacker to impersonate an arbitrary ThroughTek... High Unreviewed
CVE-2021-28372 was published May 24, 2022
Microsoft Edge (Chromium-based) Spoofing Vulnerability High Unreviewed
CVE-2021-42308 was published May 24, 2022
The iQ Block Country WordPress plugin through 1.2.13 does not properly checks HTTP headers in... High Unreviewed
CVE-2022-1762 was published Jun 14, 2022
The authentication mechanism used by technicians on the tested version of Dominion Voting Systems... High Unreviewed
CVE-2022-1745 was published Jun 25, 2022
IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.7 and Open Liberty are... High Unreviewed
CVE-2022-22476 was published Jul 9, 2022
Saia Burgess Controls (SBC) PCD through 2022-05-06 allows Authentication bypass. According to... High Unreviewed
CVE-2022-30319 was published Jul 29, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database