Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,785
Erlang
36
GitHub Actions
29
Go
2,358
Maven
5,000+
npm
3,979
NuGet
720
pip
3,777
Pub
12
RubyGems
924
Rust
981
Swift
38
Unreviewed advisories
All unreviewed
5,000+

11 advisories

Loading
Inappropriate implementation in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote... Critical Unreviewed
CVE-2025-4052 was published May 5, 2025
Copying sensitive information from Private Browsing tabs on Android, such as passwords, may have... High Unreviewed
CVE-2024-11702 was published Nov 26, 2024
Moodle Unsanitized HTML in site log for config_log_created Moderate
CVE-2024-34006 was published for moodle/moodle (Composer) May 31, 2024
AnonySE26
Proofpoint Enterprise Protection contains a vulnerability in the email delivery agent that allows... Moderate Unreviewed
CVE-2023-5770 was published Jan 10, 2024
Inappropriate implementation in Web Browser UI in Google Chrome prior to 120.0.6099.62 allowed a... Moderate Unreviewed
CVE-2023-6512 was published Dec 6, 2023
The application fails to prevent users from connecting to it over unencrypted connections. An... Moderate Unreviewed
CVE-2021-35246 was published Nov 23, 2022
CSRF protection for any URL can be bypassed in Jenkins Pipeline: Input Step Plugin High
CVE-2022-43407 was published for org.jenkins-ci.plugins:pipeline-input-step (Maven) Oct 19, 2022
NotMyFault
Jenkins Pipeline: Stage View Plugin allows CSRF protection bypass of any target URL in Jenkins High
CVE-2022-43408 was published for org.jenkins-ci.plugins.pipeline-stage-view:pipeline-stage-view (Maven) Oct 19, 2022
Pimcore Access Control Issues Critical
CVE-2019-18981 was published for pimcore/pimcore (Composer) May 24, 2022
util.c in runV 1.0.0 for Docker mishandles a numeric username, which allows attackers to obtain... High Unreviewed
CVE-2018-9862 was published May 13, 2022
In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a... Moderate Unreviewed
CVE-2019-6110 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database