Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,701
Maven
5,000+
npm
4,328
NuGet
761
pip
4,103
Pub
12
RubyGems
958
Rust
1,064
Swift
45
Unreviewed advisories
All unreviewed
5,000+

343 advisories

Loading
Intermittent HTTP policy bypass High
CVE-2024-28248 was published for github.com/cilium/cilium (Go) Mar 18, 2024
sayboras
Credited to sayboras
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability Moderate Unreviewed
CVE-2024-26163 was published Mar 15, 2024
A logic issue was addressed with improved checks. This issue is fixed in iTunes 12.13.1 for... High Unreviewed
CVE-2023-42938 was published Mar 14, 2024
Protection mechanism failure of bus lock regulator for some Intel(R) Processors may allow an... Moderate Unreviewed
CVE-2023-39368 was published Mar 14, 2024
Protection mechanism failure in some 3rd and 4th Generation Intel(R) Xeon(R) Processors when... Moderate Unreviewed
CVE-2023-22655 was published Mar 14, 2024
A logic issue was addressed with improved state management. This issue is fixed in tvOS 17.4,... Moderate Unreviewed
CVE-2024-23284 was published Mar 8, 2024
A CWE-693 “Protection Mechanism Failure” vulnerability in the embedded Chromium browser ... Moderate Unreviewed
CVE-2023-45593 was published Mar 5, 2024
Protection mechanism failure issue exists in RevoWorks SCVX prior to scvimage4.10.21_1013 (when... Critical Unreviewed
CVE-2024-25091 was published Mar 1, 2024
Microsoft Edge (Chromium-based) Information Disclosure Vulnerability Moderate Unreviewed
CVE-2024-21423 was published Feb 24, 2024
Inappropriate implementation in Site Isolation in Google Chrome prior to 122.0.6261.57 allowed a... Moderate Unreviewed
CVE-2024-1671 was published Feb 21, 2024
Vulnerability of incorrect service logic in the WindowManagerServices module.Successful... Critical Unreviewed
CVE-2023-52378 was published Feb 18, 2024
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE ... Low Unreviewed
CVE-2024-20923 was published Feb 17, 2024
In multiple files, there is a possible way to capture the device screen when disallowed by device... High Unreviewed
CVE-2024-0029 was published Feb 16, 2024
In startInstall of UpdateFetcher.java, there is a possible way to trigger a malicious config... High Unreviewed
CVE-2024-0014 was published Feb 16, 2024
Potential vulnerabilities have been identified in certain HP Desktop PC products using the HP... Moderate Unreviewed
CVE-2022-48219 was published Feb 15, 2024
Internet Shortcut Files Security Feature Bypass Vulnerability High Unreviewed
CVE-2024-21412 was published Feb 13, 2024
Microsoft Office Remote Code Execution Vulnerability High Unreviewed
CVE-2024-20673 was published Feb 13, 2024
In the Linux kernel before 6.6.7, an untrusted VMM can trigger int80 syscall handling at any... High Unreviewed
CVE-2024-25744 was published Feb 12, 2024
Inappropriate implementation in Autofill in Google Chrome prior to 121.0.6167.85 allowed a remote... Moderate Unreviewed
CVE-2024-0809 was published Jan 24, 2024
Insufficient policy enforcement in iOS Security UI in Google Chrome prior to 121.0.6167.85... High Unreviewed
CVE-2024-0804 was published Jan 24, 2024
When a parent page loaded a child in an iframe with `unsafe-inline`, the parent Content Security... Moderate Unreviewed
CVE-2024-0747 was published Jan 23, 2024
ScaleFusion 10.5.2 does not properly limit users to the Edge application because Ctrl-O and Ctrl... High Unreviewed
CVE-2023-51748 was published Jan 11, 2024
A privileged attacker can prevent delivery of debug exceptions to SEV-SNP guests potentially... Low Unreviewed
CVE-2023-20573 was published Jan 11, 2024
A vulnerability has been found in Poly CCX 400, CCX 600, Trio 8800 and Trio C60 and classified as... Low Unreviewed
CVE-2023-4466 was published Dec 29, 2023
Corveda PHPSandbox Protection Mechanism Failure vulnerability Moderate
CVE-2014-125107 was published for corveda/phpsandbox (Composer) Dec 19, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database