Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,386
Erlang
33
GitHub Actions
22
Go
2,141
Maven
5,000+
npm
3,803
NuGet
687
pip
3,480
Pub
12
RubyGems
897
Rust
898
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

262 advisories

Loading
The control component has a spoofing vulnerability. Successful exploitation of this vulnerability... Critical Unreviewed
CVE-2022-48349 was published Mar 28, 2023
Opera Mini for Android before version 52.2 is vulnerable to an address bar spoofing attack. The... Moderate Unreviewed
CVE-2020-6158 was published Feb 21, 2025
A lack of rate limiting in the 'Forgot Password' feature of PHPJabbers Night Club Booking... Moderate Unreviewed
CVE-2023-51321 was published Feb 20, 2025
A lack of rate limiting in the 'Forgot Password' feature of PHPJabbers Cleaning Business Software... Moderate Unreviewed
CVE-2023-51327 was published Feb 20, 2025
A lack of rate limiting in the 'Forgot Password' feature of PHPJabbers Shared Asset Booking... Moderate Unreviewed
CVE-2023-51323 was published Feb 20, 2025
A lack of rate limiting in the 'Forgot Password' feature of PHPJabbers Cleaning Business Software... Moderate Unreviewed
CVE-2023-51326 was published Feb 20, 2025
Authentication bypass by spoofing issue exists in FileMegane versions above 1.0.0.0 prior to 3.4... Moderate Unreviewed
CVE-2025-25055 was published Feb 18, 2025
AMI SPx contains a vulnerability in BMC where a User may cause an authentication bypass by... High Unreviewed
CVE-2023-34329 was published Jul 18, 2023
Brocade SANnav Web interface before Brocade SANnav v2.3.0 and v2.2.2a allows remote... Critical Unreviewed
CVE-2023-31424 was published Aug 31, 2023
The WPGateway Plugin for WordPress is vulnerable to privilege escalation in versions up to, and... Critical Unreviewed
CVE-2022-3180 was published Feb 12, 2025
The device ID is based on IMEI in Forever KidsWatch Call Me KW50 R36_YDR_A3PW_GM7S_V1... Moderate Unreviewed
CVE-2024-36557 was published Feb 6, 2025
A missing delay in popup notifications could have made it possible for an attacker to trick a... High Unreviewed
CVE-2023-32207 was published Jun 2, 2023
In JetBrains YouTrack before 2024.3.52635 potential spoofing attack was possible via lack of... Low Unreviewed
CVE-2024-54158 was published Dec 4, 2024
Authentication bypass by spoofing in Azure AI Face Service allows an authorized attacker to... Critical Unreviewed
CVE-2025-21415 was published Jan 30, 2025
Authentication Bypass by Spoofing vulnerability in BestWebSoft Google Captcha allows Identity... Moderate Unreviewed
CVE-2025-24628 was published Jan 27, 2025
By default the CloudStack management server honours the x-forwarded-for HTTP header and logs it... Critical Unreviewed
CVE-2024-29006 was published Apr 4, 2024
In JetBrains YouTrack before 2024.3.55417 account takeover was possible via spoofed email and... High Unreviewed
CVE-2025-24458 was published Jan 21, 2025
Inappropriate implementation in Extensions in Google Chrome prior to 132.0.6834.83 allowed a... Moderate Unreviewed
CVE-2025-0446 was published Jan 15, 2025
Inappropriate implementation in Fullscreen in Google Chrome on Windows prior to 132.0.6834.83... Moderate Unreviewed
CVE-2025-0440 was published Jan 15, 2025
Inappropriate implementation in Payments in Google Chrome prior to 132.0.6834.83 allowed a remote... Moderate Unreviewed
CVE-2025-0442 was published Jan 15, 2025
Race in Frames in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a... Moderate Unreviewed
CVE-2025-0439 was published Jan 15, 2025
Inappropriate implementation in Navigation in Google Chrome on Android prior to 132.0.6834.83... Moderate Unreviewed
CVE-2025-0435 was published Jan 15, 2025
IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 is vulnerable to external service interaction... Moderate Unreviewed
CVE-2022-22364 was published May 3, 2024
An issue has been discovered in GitLab CE/EE affecting all versions before 15.10.8, all versions... Moderate Unreviewed
CVE-2023-2001 was published Jun 7, 2023
Windows CryptoAPI Spoofing Vulnerability. High Unreviewed
CVE-2022-34689 was published Oct 12, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database