Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

245 advisories

Loading
A DNS rebinding vulnerability in the UPnP MediaServer implementation in Freebox Server before 4.2.3. Moderate Unreviewed
CVE-2020-24375 was published May 24, 2022
Improperly implemented security check in McAfee MVISION Endpoint Detection and Response Client ... Moderate Unreviewed
CVE-2020-7327 was published May 24, 2022
Improperly implemented security check in McAfee Active Response (MAR) prior to 2.4.4 may allow... Moderate Unreviewed
CVE-2020-7326 was published May 24, 2022
Multiple products that implement the IP Encapsulation within IP standard (RFC 2003, STD 1)... Moderate Unreviewed
CVE-2020-10136 was published May 24, 2022
OpenDMARC through 1.3.2 and 1.4.x allows attacks that inject authentication results to provide... Moderate Unreviewed
CVE-2020-12272 was published May 24, 2022
OpenDMARC through 1.3.2 and 1.4.x, when used with pypolicyd-spf 2.0.2, allows attacks that bypass... Moderate Unreviewed
CVE-2019-20790 was published May 24, 2022
Insufficient policy enforcement in navigation in Google Chrome prior to 78.0.3904.70 allowed a... Moderate Unreviewed
CVE-2019-13704 was published May 24, 2022
Insufficient validation of untrusted input in Omnibox in Google Chrome prior to 78.0.3904.70... Moderate Unreviewed
CVE-2019-13715 was published May 24, 2022
Insufficient policy enforcement in downloads in Google Chrome prior to 78.0.3904.70 allowed a... Moderate Unreviewed
CVE-2019-13709 was published May 24, 2022
Inappropriate implementation in navigation in Google Chrome on iOS prior to 78.0.3904.70 allowed... Moderate Unreviewed
CVE-2019-13708 was published May 24, 2022
Incorrect implementation in navigation in Google Chrome prior to 78.0.3904.70 allowed a remote... Moderate Unreviewed
CVE-2019-13701 was published May 24, 2022
Insufficient policy enforcement in the Omnibox in Google Chrome on Android prior to 78.0.3904.70... Moderate Unreviewed
CVE-2019-13703 was published May 24, 2022
The Wireless Emergency Alerts (WEA) protocol allows remote attackers to spoof a Presidential... Moderate Unreviewed
CVE-2019-18659 was published May 24, 2022
A spoofing vulnerability exists when Microsoft Browsers improperly handle browser cookies, aka ... Moderate Unreviewed
CVE-2019-1357 was published May 24, 2022
A spoofing vulnerability exists when Microsoft Browsers does not properly parse HTTP content, aka... Moderate Unreviewed
CVE-2019-0608 was published May 24, 2022
A security vulnerability exists in Zingbox Inspector versions 1.294 and earlier, that allows for... High Unreviewed
CVE-2019-15022 was published May 24, 2022
OpenDMARC through 1.3.2 and 1.4.x through 1.4.0-Beta1 is prone to a signature-bypass... High Unreviewed
CVE-2019-16378 was published May 24, 2022
A vulnerability exists in the garbage collection mechanism of atomic-openshift. An attacker able... Moderate Unreviewed
CVE-2019-3884 was published May 24, 2022
A CWE-290: Authentication Bypass by Spoofing vulnerability exists in all versions of the Modicon... Critical Unreviewed
CVE-2018-7842 was published May 24, 2022
Django WSGI Header Spoofing Vulnerability Moderate
CVE-2015-0219 was published for Django (pip) May 17, 2022
MailMate before 1.11.3 mishandles a suspicious HTML/MIME structure in a signed/encrypted email. High Unreviewed
CVE-2018-15588 was published May 13, 2022
KDE kdelibs before 4.14.32 and KAuth before 5.34 allow local users to gain root privileges by... High Unreviewed
CVE-2017-8422 was published May 13, 2022
An issue was discovered in Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and... High Unreviewed
CVE-2017-6405 was published May 13, 2022
A localhost.localdomain whitelist entry in valid_host() in scheduler/client.c in CUPS before 2.2... High Unreviewed
CVE-2017-18190 was published May 13, 2022
The OhMiBod Remote app for Android and iOS allows remote attackers to impersonate users by... Critical Unreviewed
CVE-2017-14487 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API