Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,757
Erlang
35
GitHub Actions
29
Go
2,327
Maven
5,000+
npm
3,960
NuGet
712
pip
3,741
Pub
12
RubyGems
921
Rust
973
Swift
38
Unreviewed advisories
All unreviewed
5,000+

374 advisories

Loading
Microsoft Edge (Chromium-based) Spoofing Vulnerability Moderate Unreviewed
CVE-2023-35392 was published Jul 21, 2023
Microsoft SharePoint Spoofing Vulnerability This CVE ID is unique from CVE-2021-26418, CVE-2021... High Unreviewed
CVE-2021-31172 was published May 24, 2022
Microsoft SharePoint Spoofing Vulnerability This CVE ID is unique from CVE-2021-26418, CVE-2021... High Unreviewed
CVE-2021-28478 was published May 24, 2022
Microsoft SharePoint Spoofing Vulnerability This CVE ID is unique from CVE-2021-28478, CVE-2021... High Unreviewed
CVE-2021-26418 was published May 24, 2022
Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021... High Unreviewed
CVE-2021-31195 was published May 24, 2022
Microsoft Exchange Server Spoofing Vulnerability High Unreviewed
CVE-2021-31209 was published May 24, 2022
Microsoft Edge (Chromium-based) Spoofing Vulnerability Moderate Unreviewed
CVE-2023-29334 was published Apr 28, 2023
Microsoft Edge (Chromium-based) Spoofing Vulnerability Moderate Unreviewed
CVE-2023-24935 was published Apr 11, 2023
Microsoft OneNote Spoofing Vulnerability Moderate Unreviewed
CVE-2023-36769 was published Nov 7, 2023
Duplicate Advisory: Authentication Bypass by Spoofing in OPC UA .NET Standard Stack Moderate
GHSA-7wwr-h8cm-9jf7 was published for OPCFoundation.NetStandard.Opc.Ua (NuGet) Feb 10, 2025 withdrawn
Security Update for the OPC UA .NET Standard Stack Moderate
CVE-2024-42513 was published for OPCFoundation.NetStandard.Opc.Ua.Bindings.Https (NuGet) Mar 3, 2025
TomTervoort
OctoPrint has an Authentication Bypass via X-Forwarded-For Header when autologinLocal is enabled High
CVE-2024-32977 was published for OctoPrint (pip) May 14, 2024
jacopotediosi
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923... Critical Unreviewed
CVE-2025-27671 was published Mar 5, 2025
Certain crafted MIME email messages that claimed to contain an encrypted OpenPGP message, which... High Unreviewed
CVE-2025-26696 was published Mar 10, 2025
In the case of instances where the SAML SSO authentication is enabled (non-default), session data... Critical Unreviewed
CVE-2022-23131 was published Jan 14, 2022
Inappropriate implementation in Extensions in Google Chrome prior to 132.0.6834.83 allowed a... Moderate Unreviewed
CVE-2025-0446 was published Jan 15, 2025
Vela Server Has Insufficient Webhook Payload Data Verification High
CVE-2025-27616 was published for github.com/go-vela/server (Go) Mar 10, 2025
Websites could utilize Javascript links to spoof URL addresses in the Focus navigation bar This... Moderate Unreviewed
CVE-2024-8399 was published Sep 3, 2024
Microsoft OneNote Spoofing Vulnerability Moderate Unreviewed
CVE-2023-33140 was published Jun 14, 2023
Inappropriate implementation in Navigation in Google Chrome on Android prior to 132.0.6834.83... Moderate Unreviewed
CVE-2025-0435 was published Jan 15, 2025
Fast-JWT Improperly Validates iss Claims Moderate
CVE-2025-30144 was published for fast-jwt (npm) Mar 19, 2025
tibrn
CoreDNS vulnerable to TuDoor Attacks High
CVE-2023-28452 was published for github.com/coredns/coredns (Go) Sep 18, 2024
Inappropriate implementation in Views in Google Chrome prior to 128.0.6613.84 allowed a remote... Moderate Unreviewed
CVE-2024-7981 was published Aug 21, 2024
Inappropriate implementation in Autofill in Google Chrome prior to 129.0.6668.58 allowed a remote... Moderate Unreviewed
CVE-2024-8908 was published Sep 17, 2024
On IROAD X5 devices, a Bypass of Device Pairing can occur via MAC Address Spoofing. The dashcam's... Moderate Unreviewed
CVE-2025-30110 was published Mar 18, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database