Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,939
Maven
5,000+
npm
3,677
NuGet
643
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+

125 advisories

Loading
Layer 2 network filtering capabilities such as IPv6 RA guard or ARP inspection can be bypassed... Moderate Unreviewed
CVE-2021-27853 was published Sep 28, 2022
Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using combinations... Moderate Unreviewed
CVE-2021-27854 was published Sep 28, 2022
Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using LLC/SNAP... Moderate Unreviewed
CVE-2021-27861 was published Sep 28, 2022
Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using LLC/SNAP... Moderate Unreviewed
CVE-2021-27862 was published Sep 28, 2022
"IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Web services could allow a man-in-the... Moderate Unreviewed
CVE-2022-38712 was published Nov 4, 2022
In Elastic Cloud Enterprise (ECE) versions prior to 1.1.4 it was discovered that a user could... Moderate Unreviewed
CVE-2018-3829 was published May 13, 2022
A spoofing vulnerability exists when Microsoft Edge improperly handles specific HTML content, aka... Moderate Unreviewed
CVE-2018-8425 was published May 13, 2022
A spoofing vulnerability exists when Microsoft Edge improperly handles specific HTML content, aka... Moderate Unreviewed
CVE-2018-8278 was published May 13, 2022
A spoofing vulnerability exists when Microsoft Edge improperly handles specific HTML content, aka... Moderate Unreviewed
CVE-2018-8388 was published May 13, 2022
A spoofing vulnerability exists in Microsoft Exchange Server when Outlook Web Access (OWA) fails... Moderate Unreviewed
CVE-2018-8153 was published May 13, 2022
A spoofing vulnerability exists when Microsoft Edge does not properly parse HTTP content, aka ... Moderate Unreviewed
CVE-2018-8383 was published May 13, 2022
IBM WebSphere Application Server 7.0, 8.0, and 8.5.5 installations using Form Login could allow a... Moderate Unreviewed
CVE-2018-1695 was published May 13, 2022
Tesla Model 3 V11.0(2022.4.5.1 6b701552d7a6) Tesla mobile app v4.23 is vulnerable to... Moderate Unreviewed
CVE-2022-37709 was published Sep 17, 2022
An exploitable vulnerability exists in the WiFi Access Point feature of Circle with Disney... Moderate Unreviewed
CVE-2017-12095 was published May 13, 2022
Session information easily guessable vulnerability exists in Kyocera Document Solutions MFPs and... Moderate Unreviewed
CVE-2022-41798 was published Dec 5, 2022
dproxy-nexgen (aka dproxy nexgen) forwards and caches DNS queries with the CD (aka checking... Moderate Unreviewed
CVE-2022-33991 was published Aug 16, 2022
A URL spoofing vulnerability was found in all international versions of Xiaomi Mi browser 10.5.6... Moderate Unreviewed
CVE-2019-10875 was published Apr 30, 2022
Kiali Authentication Bypass vulnerability Moderate
CVE-2021-20278 was published for github.com/kiali/kiali (Go) Jun 1, 2021
Yandex Browser before 20.10.0 allows remote attackers to spoof the address bar Moderate Unreviewed
CVE-2020-27970 was published May 24, 2022
Inappropriate implementation in Autofill in Google Chrome prior to 93.0.4577.63 allowed a remote... Moderate Unreviewed
CVE-2021-30621 was published May 24, 2022
Inappropriate implementation in Autofill in Google Chrome prior to 93.0.4577.63 allowed a remote... Moderate Unreviewed
CVE-2021-30619 was published May 24, 2022
Windows LSA Spoofing Vulnerability Moderate Unreviewed
CVE-2021-36942 was published May 24, 2022
An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP... Moderate Unreviewed
CVE-2020-13529 was published May 24, 2022
Inappropriate implementation in Autofill in Google Chrome prior to 90.0.4430.72 allowed a remote... Moderate Unreviewed
CVE-2021-21216 was published May 24, 2022
Inappropriate implementation in Autofill in Google Chrome prior to 90.0.4430.72 allowed a remote... Moderate Unreviewed
CVE-2021-21215 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database