Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,354
Erlang
31
GitHub Actions
22
Go
2,120
Maven
5,000+
npm
3,779
NuGet
681
pip
3,460
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

150 advisories

Loading
Websites were able to send any requests to the development server and read the response in vite Moderate
CVE-2025-24010 was published for vite (npm) Jan 21, 2025
ivantsepp
Zammad 5.3.x (Fixed in 5.4.0) is vulnerable to Incorrect Access Control. An authenticated... Moderate Unreviewed
CVE-2023-29868 was published May 2, 2023
Improper access control in Subscriptions Folder path filter in Devolutions Server 2023.1.1 and... Moderate Unreviewed
CVE-2023-2445 was published May 2, 2023
Zammad 5.3.x (Fixed 5.4.0) is vulnerable to Incorrect Access Control. An authenticated attacker... Moderate Unreviewed
CVE-2023-29867 was published May 2, 2023
This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13... Moderate Unreviewed
CVE-2023-27932 was published May 8, 2023
A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3,... Moderate Unreviewed
CVE-2023-27962 was published May 8, 2023
A vulnerability has been discovered in Rocket.Chat, where messages can be hidden regardless of... Moderate Unreviewed
CVE-2023-28318 was published May 10, 2023
There is a permissions and access control vulnerability in ZXCLOUD IRAI.An attacker can elevate... Moderate Unreviewed
CVE-2024-22062 was published Jul 9, 2024
Jenkins SAML Single Sign On(SSO) Plugin missing hostname validation Moderate
CVE-2023-32993 was published for io.jenkins.plugins:miniorange-saml-sp (Maven) May 16, 2023
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component:... Moderate Unreviewed
CVE-2024-21245 was published Jan 21, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported... Moderate Unreviewed
CVE-2025-21497 was published Jan 21, 2025
Vulnerability in the Oracle Communications Order and Service Management product of Oracle... Moderate Unreviewed
CVE-2025-21542 was published Jan 21, 2025
Gradio's CORS origin validation accepts the null origin Moderate
CVE-2024-47165 was published for gradio (pip) Oct 10, 2024
ahpaleus Vasco-jofra
A ZigBee coordinator, router, or end device may change their node ID when an unsolicited... Moderate Unreviewed
CVE-2024-7322 was published Jan 15, 2025
Stormshield Endpoint Security 2.3.0 through 2.3.2 has Incorrect Access Control: authenticated... Moderate Unreviewed
CVE-2023-23561 was published May 30, 2023
An origin validation error [CWE-346] vulnerability in Fortinet FortiOS IPSec VPN version 7.4.0... Moderate Unreviewed
CVE-2023-46715 was published Jan 14, 2025
Long hostnames in URLs could be leveraged to obscure the actual host of the website or spoof the... Moderate Unreviewed
CVE-2025-23109 was published Jan 11, 2025
Dragging a URL from a cross-origin iframe that was removed during the drag could have led to user... Moderate Unreviewed
CVE-2023-28164 was published Jun 2, 2023
An issue has been discovered in GitLab EE affecting all versions starting from 12.0 before 15.10... Moderate Unreviewed
CVE-2023-2589 was published Jun 7, 2023
An issue found in Yandex Navigator v.6.60 for Android allows unauthorized apps to cause a... Moderate Unreviewed
CVE-2023-29751 was published Jun 9, 2023
An issue found in Facemoji Emoji Keyboard v.2.9.1.2 for Android allows a local attacker to cause... Moderate Unreviewed
CVE-2023-29753 was published Jun 9, 2023
An issue found in Twilight v.13.3 for Android allows unauthorized apps to cause a persistent... Moderate Unreviewed
CVE-2023-29756 was published Jun 9, 2023
A validation integrity issue was discovered in Fort through 1.6.4 before 2.0.0. RPKI manifests... Moderate Unreviewed
CVE-2024-56170 was published Dec 18, 2024
A cookie management issue was addressed with improved state management. This issue is fixed in... Moderate Unreviewed
CVE-2024-44212 was published Dec 12, 2024
This issue was addressed by enabling hardened runtime. This issue is fixed in macOS Sequoia 15.2.... Moderate Unreviewed
CVE-2024-54490 was published Dec 12, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database