GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,343
Erlang
31
GitHub Actions
22
Go
2,107
Maven
5,000+
npm
3,764
NuGet
679
pip
3,452
Pub
12
RubyGems
892
Rust
886
Swift
37
Unreviewed advisories
All unreviewed
5,000+
297 advisories
Filter by severity
A missing delay in popup notifications could have made it possible for an attacker to trick a...
High
Unreviewed
CVE-2023-32207
was published
Jun 2, 2023
In JetBrains YouTrack before 2024.3.52635 potential spoofing attack was possible via lack of...
Low
Unreviewed
CVE-2024-54158
was published
Dec 4, 2024
Authentication bypass by spoofing in Azure AI Face Service allows an authorized attacker to...
Critical
Unreviewed
CVE-2025-21415
was published
Jan 30, 2025
Apache Hive vulnerable to Observable Timing Discrepancy and Authentication Bypass by Spoofing
Moderate
CVE-2024-23953
was published
for
org.apache.hive:hive-llap-common
(Maven)
Jan 28, 2025
Authentication Bypass by Spoofing vulnerability in BestWebSoft Google Captcha allows Identity...
Moderate
Unreviewed
CVE-2025-24628
was published
Jan 27, 2025
By default the CloudStack management server honours the x-forwarded-for HTTP header and logs it...
Critical
Unreviewed
CVE-2024-29006
was published
Apr 4, 2024
In JetBrains YouTrack before 2024.3.55417 account takeover was possible via spoofed email and...
High
Unreviewed
CVE-2025-24458
was published
Jan 21, 2025
Inappropriate implementation in Extensions in Google Chrome prior to 132.0.6834.83 allowed a...
Moderate
Unreviewed
CVE-2025-0446
was published
Jan 15, 2025
Inappropriate implementation in Fullscreen in Google Chrome on Windows prior to 132.0.6834.83...
Moderate
Unreviewed
CVE-2025-0440
was published
Jan 15, 2025
Inappropriate implementation in Payments in Google Chrome prior to 132.0.6834.83 allowed a remote...
Moderate
Unreviewed
CVE-2025-0442
was published
Jan 15, 2025
Race in Frames in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a...
Moderate
Unreviewed
CVE-2025-0439
was published
Jan 15, 2025
Inappropriate implementation in Navigation in Google Chrome on Android prior to 132.0.6834.83...
Moderate
Unreviewed
CVE-2025-0435
was published
Jan 15, 2025
IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 is vulnerable to external service interaction...
Moderate
Unreviewed
CVE-2022-22364
was published
May 3, 2024
An issue has been discovered in GitLab CE/EE affecting all versions before 15.10.8, all versions...
Moderate
Unreviewed
CVE-2023-2001
was published
Jun 7, 2023
The Electronic Official Document Management System from 2100 Technology has an Authentication...
Critical
Unreviewed
CVE-2024-13061
was published
Dec 31, 2024
In WhatsUp Gold versions released before 2024.0.2, an attacker can gain access to the WhatsUp...
Critical
Unreviewed
CVE-2024-12108
was published
Dec 31, 2024
An issue was discovered in Kurmi Provisioning Suite 7.9.0.33. If an X-Forwarded-For header is...
Critical
Unreviewed
CVE-2024-54450
was published
Dec 27, 2024
An IDOR vulnerability in the manage-notes.php module in PHPGurukul Online Notes Sharing...
Moderate
Unreviewed
CVE-2024-55232
was published
Dec 19, 2024
Oqtane Framework Incorrect Access Control vulnerability
High
CVE-2024-55470
was published
for
Oqtane.Framework
(NuGet)
Dec 20, 2024
Vulnerability of HwWatchHealth being hijacked.Successful exploitation of this vulnerability may...
Moderate
Unreviewed
CVE-2023-34157
was published
Jun 16, 2023
Authentication Bypass by Spoofing vulnerability in Michal Novák Secure Admin IP allows...
Moderate
Unreviewed
CVE-2023-41133
was published
Dec 13, 2024
PAX Technology A930 PayDroid_7.1.1_Virgo_V04.5.02_20220722 allows attackers to compile a...
Moderate
Unreviewed
CVE-2023-27199
was published
Jul 5, 2023
ProTip!
Advisories are also available from the
GraphQL API