GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,780
Erlang: 36
GitHub Actions: 29
Go: 2,344
Maven: 5,000+
npm: 3,973
NuGet: 719
pip: 3,770
Pub: 12
RubyGems: 923
Rust: 978
Swift: 38
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
65 advisories
An attacker could trick a user of Hitachi ABB Power Grids Ellipse Enterprise Asset Management ...
Moderate | Unreviewed | CVE-2021-27414 was published Mar 12, 2022

Brave Browser iOS before 1.2.18 and Brave Browser Android 1.9.56 and earlier suffer from Full...
Moderate | Unreviewed | CVE-2016-9473 was published May 13, 2022

Nextcloud Server before 9.0.54 and 10.0.1 & ownCloud Server before 9.0.6 and 9.1.2 suffer from...
Moderate | Unreviewed | CVE-2016-9468 was published May 13, 2022

Nextcloud Server before 9.0.54 and 10.0.1 & ownCloud Server before 9.0.6 and 9.1.2 suffer from...
Moderate | Unreviewed | CVE-2016-9467 was published May 13, 2022

Nextcloud Server before 9.0.55 and 10.0.2 suffers from a Content-Spoofing vulnerability in the ...
Moderate | Unreviewed | CVE-2017-0888 was published May 17, 2022

Nextcloud Server before 9.0.52 & ownCloud Server before 9.0.4 are vulnerable to a content...
Moderate | Unreviewed | CVE-2016-9460 was published May 17, 2022

A vulnerability, which was classified as problematic, has been found in SourceCodester Gym...
Moderate | Unreviewed | CVE-2022-2800 was published Aug 13, 2022

The issue was addressed with improved UI handling. This issue is fixed in watchOS 8.7, tvOS 15.6,...
Moderate | Unreviewed | CVE-2022-32816 was published Sep 25, 2022

Incorrect security UI in full screen in Google Chrome prior to 106.0.5249.62 allowed a remote...
Moderate | Unreviewed | CVE-2022-3313 was published Nov 2, 2022

In strings.xml, there is a possible permission bypass due to a misleading string. This could lead...
Moderate | Unreviewed | CVE-2022-20530 was published Dec 20, 2022

Through a series of popup and window.print() calls, an attacker can cause a window...
Moderate | Unreviewed | CVE-2022-45404 was published Dec 22, 2022

A malicious website that could create a popup could have resized the popup to overlay the address...
Moderate | Unreviewed | CVE-2022-34479 was published Dec 22, 2022

Under certain circumstances, a JavaScript alert (or prompt) could have been shown while another...
Moderate | Unreviewed | CVE-2022-22762 was published Dec 22, 2022

When resizing a popup after requesting fullscreen access, the popup would not display the...
Moderate | Unreviewed | CVE-2022-26383 was published Dec 22, 2022

Inappropriate implementation in Fullscreen API in Google Chrome on Android prior to 109.0.5414...
Moderate | Unreviewed | CVE-2023-0130 was published Jan 10, 2023

Inappropriate implementation in Download in Google Chrome prior to 110.0.5481.77 allowed a remote...
Moderate | Unreviewed | CVE-2023-0700 was published Feb 7, 2023

Inappropriate implementation in Picture In Picture in Google Chrome prior to 114.0.5735.90...
Moderate | Unreviewed | CVE-2023-2938 was published May 31, 2023

Inappropriate implementation in Picture In Picture in Google Chrome prior to 114.0.5735.90...
Moderate | Unreviewed | CVE-2023-2937 was published May 31, 2023

Inappropriate implementation in Extensions API in Google Chrome prior to 114.0.5735.90 allowed an...
Moderate | Unreviewed | CVE-2023-2941 was published May 31, 2023

A flaw was found in Quay. Clickjacking is when an attacker uses multiple transparent or opaque...
Moderate | Unreviewed | CVE-2023-4956 was published Nov 7, 2023

Inappropriate implementation in Downloads in Google Chrome prior to 121.0.6167.85 allowed a...
Moderate | Unreviewed | CVE-2024-0805 was published Jan 24, 2024

IBM PowerSC 1.3, 2.0, and 2.1 could allow a remote attacker to hijack the clicking action of the...
Moderate | Unreviewed | CVE-2023-50938 was published Feb 2, 2024

Inappropriate implementation in iOS in Google Chrome prior to 123.0.6312.58 allowed a remote...
Moderate | Unreviewed | CVE-2024-2631 was published Mar 20, 2024

Microsoft Edge (Chromium-based) Spoofing Vulnerability
Moderate | Unreviewed | CVE-2024-30055 was published May 14, 2024

Inappropriate implementation in Downloads in Google Chrome prior to 125.0.6422.60 allowed a...
Moderate | Unreviewed | CVE-2024-4950 was published May 15, 2024
ProTip! Advisories are also available from the GraphQL API