GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
101
GitHub Actions
54
Go
4,295
Maven
5,000+
npm
5,000+
NuGet
1,029
pip
5,000+
Pub
13
RubyGems
1,107
Rust
1,492
Swift
61
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
231 advisories
Filter by severity
Tesla Model 3 V11.0(2022.4.5.1 6b701552d7a6) Tesla mobile app v4.23 is vulnerable to...
Moderate
Unreviewed
CVE-2022-37709
was published
Sep 17, 2022
dproxy-nexgen (aka dproxy nexgen) forwards and caches DNS queries with the CD (aka checking...
Moderate
Unreviewed
CVE-2022-33991
was published
Aug 16, 2022
Due to a bug in the handling of the communication between the client and server, it was possible...
Moderate
Unreviewed
CVE-2022-35629
was published
Jul 30, 2022
Incorrect security UI in Downloads in Google Chrome on Android prior to 101.0.4951.41 allowed a...
Moderate
Unreviewed
CVE-2022-1495
was published
Jul 27, 2022
Inappropriate implementation in compositing in Google Chrome prior to 100.0.4896.88 allowed a...
Moderate
Unreviewed
CVE-2022-1306
was published
Jul 26, 2022
Inappropriate implementation in full screen in Google Chrome on Android prior to 100.0.4896.88...
Moderate
Unreviewed
CVE-2022-1307
was published
Jul 26, 2022
Inappropriate implementation in Full Screen Mode in Google Chrome on Android prior to 100.0.4896...
Moderate
Unreviewed
CVE-2022-1129
was published
Jul 24, 2022
Knot Resolver through 5.5.1 may allow DNS cache poisoning when there is an attempt to limit...
Moderate
Unreviewed
CVE-2022-32983
was published
Jun 21, 2022
Access Restriction Bypass via referrer spoof was discovered in SolarWinds Web Help Desk 12.7.2....
Moderate
Unreviewed
CVE-2021-32076
was published
May 24, 2022
Legacy pairing and secure-connections pairing authentication in Bluetooth® BR/EDR Core...
Moderate
Unreviewed
CVE-2020-10135
was published
May 24, 2022
Yandex Browser before 20.10.0 allows remote attackers to spoof the address bar
Moderate
Unreviewed
CVE-2020-27970
was published
May 24, 2022
Inappropriate implementation in Autofill in Google Chrome prior to 93.0.4577.63 allowed a remote...
Moderate
Unreviewed
CVE-2021-30619
was published
May 24, 2022
Inappropriate implementation in Autofill in Google Chrome prior to 93.0.4577.63 allowed a remote...
Moderate
Unreviewed
CVE-2021-30621
was published
May 24, 2022
Windows Hello Security Feature Bypass Vulnerability
Moderate
Unreviewed
CVE-2021-34466
was published
May 24, 2022
An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP...
Moderate
Unreviewed
CVE-2020-13529
was published
May 24, 2022
Inappropriate implementation in Autofill in Google Chrome prior to 90.0.4430.72 allowed a remote...
Moderate
Unreviewed
CVE-2021-21216
was published
May 24, 2022
Inappropriate implementation in Autofill in Google Chrome prior to 90.0.4430.72 allowed a remote...
Moderate
Unreviewed
CVE-2021-21215
was published
May 24, 2022
SAP NetWeaver Application Server Java(HTTP Service), versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7...
Moderate
Unreviewed
CVE-2021-21492
was published
May 24, 2022
curl 7.63.0 to and including 7.75.0 includes vulnerability that allows a malicious HTTPS proxy to...
Moderate
Unreviewed
CVE-2021-22890
was published
May 24, 2022
A malicious extension could have opened a popup window lacking an address bar. The title of the...
Moderate
Unreviewed
CVE-2021-23984
was published
May 24, 2022
An issue was discovered in Scytl sVote 2.1. Because the IP address from an X-Forwarded-For header...
Moderate
Unreviewed
CVE-2019-25023
was published
May 24, 2022
Incorrect security UI in Page Info in Google Chrome on iOS prior to 88.0.4324.96 allowed a remote...
Moderate
Unreviewed
CVE-2021-21134
was published
May 24, 2022
A flaw was found in dnsmasq before version 2.83. When receiving a query, dnsmasq does not check...
Moderate
Unreviewed
CVE-2020-25686
was published
May 24, 2022
SOOIL Developments Co Ltd DiabecareRS,AnyDana-i & AnyDana-A, the communication protocol of the...
Moderate
Unreviewed
CVE-2020-27276
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API