Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,714
Erlang
34
GitHub Actions
28
Go
2,300
Maven
5,000+
npm
3,942
NuGet
708
pip
3,711
Pub
12
RubyGems
920
Rust
960
Swift
38
Unreviewed advisories
All unreviewed
5,000+

112 advisories

Loading
NETGEAR RAX30 lighttpd Misconfiguration Remote Code Execution Vulnerability. This vulnerability... High Unreviewed
CVE-2023-27360 was published May 3, 2024
A vulnerability exists in the too permissive HTTP response header web server settings of the... High Unreviewed
CVE-2024-2377 was published Apr 30, 2024
Keycloak's unvalidated cross-origin messages in checkLoginIframe leads to DDoS High
CVE-2024-1249 was published for org.keycloak:keycloak-services (Maven) Apr 17, 2024
dhvakr
Keycloak path traversal vulnerability in the redirect validation High
CVE-2024-2419 was published for org.keycloak:keycloak-services (Maven) Apr 17, 2024
Ollama DNS rebinding vulnerability High
CVE-2024-28224 was published for github.com/ollama/ollama (Go) Apr 8, 2024
MeshCentral cross-site websocket hijacking (CSWSH) vulnerability High
CVE-2024-26135 was published for meshcentral (npm) Feb 21, 2024
A remote code execution vulnerability was found in Shim. The Shim boot support trusts attacker... High Unreviewed
CVE-2023-40547 was published Jan 25, 2024
Cross-site WebSocket hijacking vulnerability in the Jenkins CLI High
CVE-2024-23898 was published for org.jenkins-ci.main:jenkins-core (Maven) Jan 24, 2024
An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local... High Unreviewed
CVE-2023-47199 was published Jan 23, 2024
A plug-in manager origin validation vulnerability in the Trend Micro Apex One security agent... High Unreviewed
CVE-2023-47200 was published Jan 23, 2024
An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local... High Unreviewed
CVE-2023-47193 was published Jan 23, 2024
An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local... High Unreviewed
CVE-2023-47197 was published Jan 23, 2024
An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local... High Unreviewed
CVE-2023-47198 was published Jan 23, 2024
An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local... High Unreviewed
CVE-2023-47196 was published Jan 23, 2024
An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local... High Unreviewed
CVE-2023-47194 was published Jan 23, 2024
An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local... High Unreviewed
CVE-2023-47195 was published Jan 23, 2024
Overly permissive origin policy High
CVE-2023-49803 was published for @koa/cors (npm) Dec 11, 2023
PawelJ-PL
Origin Validation Error vulnerability in Zscaler Client Connector on Linux allows Inclusion of... High Unreviewed
CVE-2023-28795 was published Oct 23, 2023
The Zscaler Client Connector Installer and Unsintallers for Windows prior to 3.6 had an unquoted... High Unreviewed
CVE-2021-26735 was published Oct 23, 2023
Movim prior to version 0.22 is affected by a Cross-Site WebSocket Hijacking vulnerability. This... High Unreviewed
CVE-2023-2848 was published Sep 14, 2023
An issue was discovered in Zoho ManageEngine Network Configuration Manager 12.6.165. The... High Unreviewed
CVE-2023-29505 was published Aug 4, 2023
Mattermost fails to properly validate the origin of a websocket connection allowing a MITM... High Unreviewed
CVE-2023-3581 was published Jul 17, 2023
D-Link DSL-224 firmware version 3.0.10 allows post authentication command execution via an... High Unreviewed
CVE-2023-32223 was published Jun 28, 2023
An issue was discovered on NOKIA Airscale ASIKA Single RAN devices before 21B. If/when CSP (as a... High Unreviewed
CVE-2023-25188 was published Jun 16, 2023
An issue in South River Technologies TitanFTP Before v2.0.1.2102 allows attackers with low-level... High Unreviewed
CVE-2023-27745 was published Jun 2, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database