GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
16 advisories
Filter by severity
A CWE-942: Permissive Cross-domain Policy with Untrusted Domains vulnerability exists that could...
High
Unreviewed
CVE-2022-22808
was published
Feb 11, 2022
Sensitive information disclosure due to CORS misconfiguration. The following products are...
Low
Unreviewed
CVE-2023-2360
was published
Apr 28, 2023
A vulnerability has been identified in SIMATIC PCS neo (All versions < V4.1). When accessing the...
High
Unreviewed
CVE-2023-46098
was published
Nov 14, 2023
A permissive cross-domain policy with untrusted domains vulnerability in Fortinet FortiADC 7.1.0 ...
Moderate
Unreviewed
CVE-2023-25603
was published
Nov 14, 2023
IBM PowerSC 1.3, 2.0, and 2.1 uses Cross-Origin Resource Sharing (CORS) which could allow an...
Moderate
Unreviewed
CVE-2023-50940
was published
Feb 2, 2024
A vulnerability has been identified in Opcenter Quality (All versions), SIMATIC PCS neo (All...
High
Unreviewed
CVE-2023-46281
was published
Dec 12, 2023
A potential attacker with access to the Westermo Lynx device would be able to execute...
Moderate
Unreviewed
CVE-2023-45213
was published
Feb 7, 2024
Softing edgeAggregator Permissive Cross-domain Policy with Untrusted Domains Remote Code...
High
Unreviewed
CVE-2023-38125
was published
May 3, 2024
Inductive Automation Ignition OPC UA Quick Client Permissive Cross-domain Policy Remote Code...
High
Unreviewed
CVE-2023-38122
was published
May 3, 2024
Microsoft Edge for Android Information Disclosure Vulnerability
Moderate
Unreviewed
CVE-2024-21382
was published
Jan 26, 2024
SCG Policy Manager, all versions, contains an overly permissive Cross-Origin Resource Policy ...
High
Unreviewed
CVE-2024-37131
was published
Jun 13, 2024
HCL DRYiCE Lucy (now AEX) is affected by a Cross Origin Resource Sharing (CORS) vulnerability....
Moderate
Unreviewed
CVE-2023-37526
was published
May 14, 2024
Under certain circumstances the ExacqVision Web Services does not provide sufficient protection...
Moderate
Unreviewed
CVE-2024-32862
was published
Aug 2, 2024
HyperView Geoportal Toolkit in versions though 8.2.4 does not restrict cross-domain requests when...
Moderate
Unreviewed
CVE-2024-6449
was published
Aug 28, 2024
In Gliffy Online an insecure configuration was discovered in versions before 4.14.0-6
Moderate
Unreviewed
CVE-2024-10315
was published
Nov 11, 2024
IBM Security ReaQta 3.12 is vulnerable to cross-site scripting. This vulnerability allows a...
Moderate
Unreviewed
CVE-2024-45642
was published
Nov 14, 2024
ProTip!
Advisories are also available from the
GraphQL API