Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,233
Erlang
31
GitHub Actions
20
Go
1,992
Maven
5,000+
npm
3,709
NuGet
661
pip
3,345
Pub
11
RubyGems
884
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

69 advisories

Loading
Origin Validation Error vulnerability in Dataprom Informatics Personnel Attendance Control... High Unreviewed
CVE-2024-10534 was published Nov 15, 2024
An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under... High Unreviewed
CVE-2024-9393 was published Oct 1, 2024
A CORS misconfiguration in parisneo/lollms-webui prior to version 10 allows attackers to steal... High Unreviewed
CVE-2024-6674 was published Oct 29, 2024
Incorrect access control in Mirotalk before commit 9de226 allows attackers to arbitrarily change... High Unreviewed
CVE-2024-44734 was published Oct 11, 2024
An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local... High Unreviewed
CVE-2024-36303 was published Jun 11, 2024
A vulnerability in multiple Atlassian products allows a remote, unauthenticated attacker to cause... High Unreviewed
CVE-2022-26137 was published Jul 21, 2022
Origin validation error vulnerability exists in SKYSEA Client View Ver.3.013.00 to Ver.19.210.04e... High Unreviewed
CVE-2024-41143 was published Jul 29, 2024
While copying individual autoupdater log files, reparse point check was missing which could... High Unreviewed
CVE-2024-23458 was published Aug 6, 2024
Origin Validation Error in GitHub repository stitionai/devika prior to -. High Unreviewed
CVE-2024-5549 was published Jul 9, 2024
An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local... High Unreviewed
CVE-2024-36302 was published Jun 11, 2024
A remote code execution vulnerability was found in Shim. The Shim boot support trusts attacker... High Unreviewed
CVE-2023-40547 was published Jan 25, 2024
An origin validation vulnerability exists in BIG-IP APM browser network access VPN client ... High Unreviewed
CVE-2024-28883 was published May 8, 2024
A vulnerability exists in the too permissive HTTP response header web server settings of the... High Unreviewed
CVE-2024-2377 was published Apr 30, 2024
An issue was discovered in Faronics Insight 10.0.19045 on Windows. It is possible for an attacker... High Unreviewed
CVE-2023-28349 was published May 31, 2023
Origin Validation Error vulnerability in Zscaler Client Connector on Linux allows Inclusion of... High Unreviewed
CVE-2023-28795 was published Oct 23, 2023
The Zscaler Client Connector Installer and Unsintallers for Windows prior to 3.6 had an unquoted... High Unreviewed
CVE-2021-26735 was published Oct 23, 2023
Movim prior to version 0.22 is affected by a Cross-Site WebSocket Hijacking vulnerability. This... High Unreviewed
CVE-2023-2848 was published Sep 14, 2023
An issue was discovered in Zoho ManageEngine Network Configuration Manager 12.6.165. The... High Unreviewed
CVE-2023-29505 was published Aug 4, 2023
Mattermost fails to properly validate the origin of a websocket connection allowing a MITM... High Unreviewed
CVE-2023-3581 was published Jul 17, 2023
An issue was discovered in TitanHQ WebTitan before 5.18. It contains a Remote Code Execution... High Unreviewed
CVE-2019-19019 was published May 24, 2022
Dino before 2019-09-10 does not properly check the source of a carbons message in module/xep... High Unreviewed
CVE-2019-16235 was published May 24, 2022
Dino before 2019-09-10 does not properly check the source of an MAM message in module/xep... High Unreviewed
CVE-2019-16237 was published May 24, 2022
The Upgrade-Insecure-Requests (UIR) specification states that if UIR is enabled through Content... High Unreviewed
CVE-2019-9803 was published May 24, 2022
The default configuration for the domain name resolver for Microsoft Windows 98, NT 4.0, 2000,... High Unreviewed
CVE-2000-1218 was published Apr 30, 2022
A plug-in manager origin validation vulnerability in the Trend Micro Apex One security agent... High Unreviewed
CVE-2023-47200 was published Jan 23, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database