GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,231
Erlang: 31
GitHub Actions: 20
Go: 1,991
Maven: 5,000+
npm: 3,709
NuGet: 661
pip: 3,341
Pub: 11
RubyGems: 884
Rust: 846
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
230 advisories
GuixSD prior to Git commit 5e66574a128937e7f2fcf146d146225703ccfd5d used POSIX hard links...
Moderate, Unreviewed. CVE-2017-1000455 was published May 14, 2022

Origin Validation Error in Apache NiFi
High. CVE-2017-7667 was published for org.apache.nifi:nifi (Maven) May 17, 2022

Skia, as used in Google Chrome before 50.0.2661.94, allows remote attackers to bypass the Same...
High, Unreviewed. CVE-2016-5168 was published May 17, 2022

An issue was discovered in Smiths-Medical CADD-Solis Medication Safety Software, Version 1.0; 2.0...
High, Unreviewed. CVE-2016-8358 was published May 17, 2022

Thinfinity VNC v4.0.0.1 contains a Cross-Origin Resource Sharing (CORS) vulnerability which can...
High, Unreviewed. CVE-2022-25227 was published May 21, 2022

The Upgrade-Insecure-Requests (UIR) specification states that if UIR is enabled through Content...
High, Unreviewed. CVE-2019-9803 was published May 24, 2022

Cross-origin images can be read in violation of the same-origin policy by exporting an image...
Moderate, Unreviewed. CVE-2019-9797 was published May 24, 2022

If WebRTC permission is requested from documents with data: or blob: URLs, the permission...
Moderate, Unreviewed. CVE-2019-9808 was published May 24, 2022

The PrinterLogic Print Management software, versions up to and including 18.3.1.96, updates and...
Critical, Unreviewed. CVE-2018-5409 was published May 24, 2022

Gemalto Admin Control Center, all versions prior to 7.92, uses cleartext HTTP to communicate with...
Moderate, Unreviewed. CVE-2019-8282 was published May 24, 2022

Insufficient data validation in Blink in Google Chrome prior to 75.0.3770.80 allowed a remote...
Moderate, Unreviewed. CVE-2019-5834 was published May 24, 2022

A vulnerability exists during the installation of add-ons where the initial fetch ignored the...
High, Unreviewed. CVE-2019-11723 was published May 24, 2022

Images from a different domain can be read using a canvas object in some circumstances. This...
Moderate, Unreviewed. CVE-2019-9817 was published May 24, 2022

An exploitable denial-of-service vulnerability exists in the Weave error reporting functionality...
High, Unreviewed. CVE-2019-5036 was published May 24, 2022

Dino before 2019-09-10 does not properly check the source of an MAM message in module/xep...
High, Unreviewed. CVE-2019-16237 was published May 24, 2022

Dino before 2019-09-10 does not properly check the source of a carbons message in module/xep...
High, Unreviewed. CVE-2019-16235 was published May 24, 2022

hostapd before 2.10 and wpa_supplicant before 2.10 allow an incorrect indication of disconnection...
Moderate, Unreviewed. CVE-2019-16275 was published May 24, 2022

Adobe Flash Player 32.0.0.238 and earlier versions, 32.0.0.207 and earlier versions have a Same...
High, Unreviewed. CVE-2019-8069 was published May 24, 2022

Adobe Flash Player version 32.0.0.192 and earlier versions have a Same Origin Policy Bypass...
High, Unreviewed. CVE-2019-8075 was published May 24, 2022

A security vulnerability exists in the Zingbox Inspector versions 1.293 and earlier, that could...
Critical, Unreviewed. CVE-2019-15020 was published May 24, 2022

An issue was discovered in TitanHQ WebTitan before 5.18. It contains a Remote Code Execution...
High, Unreviewed. CVE-2019-19019 was published May 24, 2022

Incorrect security UI in sharing in Google Chrome prior to 79.0.3945.79 allowed a remote attacker...
Moderate, Unreviewed. CVE-2019-13740 was published May 24, 2022

An exploitable denial-of-service vulnerability exists in the 802.11w security state handling for...
Moderate, Unreviewed. CVE-2019-5062 was published May 24, 2022

If two same-origin documents set document.domain differently to become cross-origin, it was...
Moderate, Unreviewed. CVE-2019-11762 was published May 24, 2022

CardGate Payments plugin for WooCommerce does not validate request origin
High. CVE-2020-8819 was published for cardgate/woocommerce (Composer) May 24, 2022
ProTip! Advisories are also available from the GraphQL API