Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

216 advisories

Loading
An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local... High Unreviewed
CVE-2023-47199 was published Jan 23, 2024
A plug-in manager origin validation vulnerability in the Trend Micro Apex One security agent... High Unreviewed
CVE-2023-47200 was published Jan 23, 2024
An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local... High Unreviewed
CVE-2023-47197 was published Jan 23, 2024
An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local... High Unreviewed
CVE-2023-47195 was published Jan 23, 2024
An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local... High Unreviewed
CVE-2023-47193 was published Jan 23, 2024
An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local... High Unreviewed
CVE-2023-47196 was published Jan 23, 2024
An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local... High Unreviewed
CVE-2023-47194 was published Jan 23, 2024
An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local... High Unreviewed
CVE-2023-47198 was published Jan 23, 2024
A phishing site could have repurposed an `about:` dialog to show phishing content with an... Moderate Unreviewed
CVE-2024-0749 was published Jan 23, 2024
A vulnerability in the AnyConnect SSL VPN feature of Cisco Adaptive Security Appliance (ASA)... Moderate Unreviewed
CVE-2023-20275 was published Dec 12, 2023
Overly permissive origin policy High
CVE-2023-49803 was published for @koa/cors (npm) Dec 11, 2023
PawelJ-PL
Origin Validation Error vulnerability in Zscaler Client Connector on Linux allows Privilege Abuse... Moderate Unreviewed
CVE-2023-28794 was published Nov 6, 2023
Incorrect security UI in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote... Moderate Unreviewed
CVE-2023-5853 was published Nov 1, 2023
Incorrect security UI in Picture In Picture in Google Chrome prior to 119.0.6045.105 allowed a... Moderate Unreviewed
CVE-2023-5859 was published Nov 1, 2023
Inappropriate implementation in Downloads in Google Chrome prior to 119.0.6045.105 allowed a... Moderate Unreviewed
CVE-2023-5851 was published Nov 1, 2023
Inappropriate implementation in WebApp Provider in Google Chrome prior to 119.0.6045.105 allowed... Moderate Unreviewed
CVE-2023-5858 was published Nov 1, 2023
The Zscaler Client Connector for macOS prior to 3.6 did not sufficiently validate RPC clients. A... Moderate Unreviewed
CVE-2021-26737 was published Oct 23, 2023
The Zscaler Client Connector Installer and Unsintallers for Windows prior to 3.6 had an unquoted... High Unreviewed
CVE-2021-26735 was published Oct 23, 2023
Origin Validation Error vulnerability in Zscaler Client Connector on Linux allows Inclusion of... High Unreviewed
CVE-2023-28795 was published Oct 23, 2023
The Vue.js Devtools extension was found to leak screenshot data back to a malicious web page via... Moderate Unreviewed
CVE-2023-5718 was published Oct 23, 2023
An Origin Validation vulnerability in MAC address validation of Juniper Networks Junos OS... Moderate Unreviewed
CVE-2023-44189 was published Oct 12, 2023
An Origin Validation vulnerability in MAC address validation of Juniper Networks Junos OS... Moderate Unreviewed
CVE-2023-44190 was published Oct 12, 2023
cashIT! - serving solutions. Devices from "PoS/ Dienstleistung, Entwicklung & Vertrieb GmbH" to... Critical Unreviewed
CVE-2023-3654 was published Oct 3, 2023
Movim prior to version 0.22 is affected by a Cross-Site WebSocket Hijacking vulnerability. This... High Unreviewed
CVE-2023-2848 was published Sep 14, 2023
An issue was discovered in Zoho ManageEngine Network Configuration Manager 12.6.165. The... High Unreviewed
CVE-2023-29505 was published Aug 4, 2023
ProTip! Advisories are also available from the GraphQL API