GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
225 advisories
Filter by severity
MetInfo through 5.3.17 accepts the same CAPTCHA response for 120 seconds, which makes it easier...
High
Unreviewed
CVE-2017-11717
was published
May 13, 2022
In Elastic Cloud Enterprise (ECE) versions prior to 1.1.4 it was discovered that a user could...
Moderate
Unreviewed
CVE-2018-3829
was published
May 13, 2022
SAP NetWeaver Process Integration (Adapter Engine), fixed in versions 7.10 to 7.11, 7.30, 7.31, 7...
High
Unreviewed
CVE-2019-0283
was published
May 13, 2022
A spoofing vulnerability exists when Microsoft Edge improperly handles specific HTML content, aka...
Moderate
Unreviewed
CVE-2018-8425
was published
May 13, 2022
A spoofing vulnerability exists when Microsoft Edge improperly handles specific HTML content, aka...
Moderate
Unreviewed
CVE-2018-8388
was published
May 13, 2022
A spoofing vulnerability exists when Microsoft Edge does not properly parse HTTP content, aka ...
Moderate
Unreviewed
CVE-2018-8383
was published
May 13, 2022
A spoofing vulnerability exists when Microsoft Edge improperly handles specific HTML content, aka...
Moderate
Unreviewed
CVE-2018-8278
was published
May 13, 2022
A spoofing vulnerability exists in Microsoft Exchange Server when Outlook Web Access (OWA) fails...
Moderate
Unreviewed
CVE-2018-8153
was published
May 13, 2022
IBM WebSphere Application Server 7.0, 8.0, and 8.5.5 installations using Form Login could allow a...
Moderate
Unreviewed
CVE-2018-1695
was published
May 13, 2022
Authentication Bypass by Spoofing vulnerability in ECOS System Management Appliance (aka SMA) 5.2...
High
Unreviewed
CVE-2018-12331
was published
May 13, 2022
EMC Unisphere for VMAX Virtual Appliance (vApp) versions prior to 8.4.0.15, EMC Solutions Enabler...
Critical
Unreviewed
CVE-2017-14375
was published
May 13, 2022
An exploitable vulnerability exists in the WiFi Access Point feature of Circle with Disney...
Moderate
Unreviewed
CVE-2017-12095
was published
May 13, 2022
An exploitable vulnerability exists in the WiFi management of Circle with Disney. A crafted...
Moderate
Unreviewed
CVE-2017-12096
was published
May 13, 2022
An authentication bypass vulnerability exists in the libxm_av.so getpeermac() functionality of...
High
Unreviewed
CVE-2022-25989
was published
May 6, 2022
Cache Poisoning issue exists in DNS Response Rate Limiting.
Moderate
Unreviewed
CVE-2013-5661
was published
May 5, 2022
The web interface on the snom VoIP phones snom 300, snom 320, snom 360, snom 370, and snom 820...
High
Unreviewed
CVE-2009-1048
was published
May 2, 2022
A URL spoofing vulnerability was found in all international versions of Xiaomi Mi browser 10.5.6...
Moderate
Unreviewed
CVE-2019-10875
was published
Apr 30, 2022
Skype for Business and Lync Spoofing Vulnerability.
Moderate
Unreviewed
CVE-2022-26910
was published
Apr 16, 2022
A DNS rebinding issue in ReadyMedia (formerly MiniDLNA) before 1.3.1 allows a remote web server...
High
Unreviewed
CVE-2022-26505
was published
Mar 7, 2022
An attacker can abuse the batch-requests plugin to send requests to bypass the IP restriction of...
Critical
Unreviewed
CVE-2022-24112
was published
Feb 12, 2022
Microsoft SharePoint Server Spoofing Vulnerability This CVE ID is unique from CVE-2021-43242.
Low
Unreviewed
CVE-2021-42320
was published
Feb 11, 2022
In the case of instances where the SAML SSO authentication is enabled (non-default), session data...
Critical
Unreviewed
CVE-2022-23131
was published
Jan 14, 2022
Windows AppX Installer Spoofing Vulnerability
High
Unreviewed
CVE-2021-43890
was published
Dec 16, 2021
Microsoft Edge for iOS Spoofing Vulnerability
High
Unreviewed
CVE-2021-43220
was published
Nov 25, 2021
ProTip!
Advisories are also available from the
GraphQL API