GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,607
Composer 4,714
Erlang 34
GitHub Actions 28
Go 2,298
Maven 5,576
npm 3,942
NuGet 708
pip 3,711
Pub 12
RubyGems 920
Rust 959
Swift 38

Unreviewed advisories

All unreviewed 256,710

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

90 advisories

Filter by severity

Sort by

Least recently updated

A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey... High Unreviewed

CVE-2022-22637 was published Sep 25, 2022

SEL-5037 Grid Configurator contains an overly permissive Cross Origin Resource Sharing (CORS)... High Unreviewed

CVE-2025-46737 was published May 12, 2025

"This issue is limited to motherboards and does not affect laptops, desktop computers, or other... High Unreviewed

CVE-2025-3462 was published May 9, 2025

A same-origin policy violation could have allowed the theft of cross-origin URL entries, leaking... High Unreviewed

CVE-2022-42927 was published Dec 22, 2022

Plex media server 1.21 and before is vulnerable to ddos reflection attack via plex service. High Unreviewed

CVE-2021-33959 was published Jan 18, 2023

An code execution vulnerability exists in the Xiaomi smarthome application product. The... High Unreviewed

CVE-2024-45352 was published Mar 27, 2025

A CORS misconfiguration vulnerability exists in netease-youdao/qanything version 1.4.1. This... High Unreviewed

CVE-2024-8024 was published Mar 20, 2025

A CORS misconfiguration in danswer-ai/danswer v1.4.1 allows attackers to steal sensitive... High Unreviewed

CVE-2024-7819 was published Mar 20, 2025

This issue was addressed with a new entitlement. This issue is fixed in macOS Ventura 13.3, macOS... High Unreviewed

CVE-2023-27944 was published May 8, 2023

Improper access control vulnerability in SkyBridge MB-A200 firmware Ver. 01.00.05 and earlier... High Unreviewed

CVE-2023-23578 was published May 10, 2023

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web... High Unreviewed

CVE-2025-21511 was published Jan 21, 2025

An issue found in BestWeather v.7.3.1 for Android allows unauthorized apps to cause a persistent... High Unreviewed

CVE-2023-29743 was published May 31, 2023

An issue found in BestWeather v.7.3.1 for Android allows unauthorized apps to cause a persistent... High Unreviewed

CVE-2023-29745 was published May 31, 2023

Incorrect access control in luowice v3.5.18 allows attackers to access cloud source code... High Unreviewed

CVE-2023-33740 was published May 31, 2023

Prestashop salesbooster <= 1.10.4 is vulnerable to Incorrect Access Control via modules... High Unreviewed

CVE-2023-30196 was published May 30, 2023

An issue in South River Technologies TitanFTP Before v2.0.1.2102 allows attackers with low-level... High Unreviewed

CVE-2023-27745 was published Jun 2, 2023

NETGEAR RAX30 lighttpd Misconfiguration Remote Code Execution Vulnerability. This vulnerability... High Unreviewed

CVE-2023-27360 was published May 3, 2024

An origin validation error vulnerability in Trend Micro Apex One could allow a local attacker to... High Unreviewed

CVE-2024-55917 was published Dec 31, 2024

There is an insufficient input verification vulnerability in Huawei product. Successful... High Unreviewed

CVE-2022-32144 was published Dec 20, 2024

An issue was discovered on NOKIA Airscale ASIKA Single RAN devices before 21B. If/when CSP (as a... High Unreviewed

CVE-2023-25188 was published Jun 16, 2023

D-Link DSL-224 firmware version 3.0.10 allows post authentication command execution via an... High Unreviewed

CVE-2023-32223 was published Jun 28, 2023

lilishop <=4.2.4 is vulnerable to Incorrect Access Control, which can allow attackers to obtain... High Unreviewed

CVE-2024-50654 was published Nov 15, 2024

Origin Validation Error vulnerability in Dataprom Informatics Personnel Attendance Control... High Unreviewed

CVE-2024-10534 was published Nov 15, 2024

An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under... High Unreviewed

CVE-2024-9393 was published Oct 1, 2024

A CORS misconfiguration in parisneo/lollms-webui prior to version 10 allows attackers to steal... High Unreviewed

CVE-2024-6674 was published Oct 29, 2024

Previous 1 2 3 4 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

90 advisories