Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

96 advisories

Loading
Origin Validation Error vulnerability in Akinsoft LimonDesk allows Forceful Browsing.This issue... High Unreviewed
CVE-2024-13068 was published Sep 3, 2025
An issue was discovered in Shopizer 3.2.7. The server's CORS implementation reflects the client... High Unreviewed
CVE-2025-51605 was published Aug 22, 2025
'Same-origin policy bypass in the Graphics: Canvas2D component.' This vulnerability affects... High Unreviewed
CVE-2025-9180 was published Aug 19, 2025
Whale browser before 4.32.315.22 allow an attacker to bypass the Same-Origin Policy in a dual-tab... High Unreviewed
CVE-2025-53600 was published Jul 4, 2025
An improper verification of a loaded library in Zscaler Client Connector on Mac < 4.2.0.241 may... High Unreviewed
CVE-2024-31127 was published Jun 4, 2025
SEL-5037 Grid Configurator contains an overly permissive Cross Origin Resource Sharing (CORS)... High Unreviewed
CVE-2025-46737 was published May 12, 2025
"This issue is limited to motherboards and does not affect laptops, desktop computers, or other... High Unreviewed
CVE-2025-3462 was published May 9, 2025
An code execution vulnerability exists in the Xiaomi smarthome application product. The... High Unreviewed
CVE-2024-45352 was published Mar 27, 2025
A CORS misconfiguration vulnerability exists in netease-youdao/qanything version 1.4.1. This... High Unreviewed
CVE-2024-8024 was published Mar 20, 2025
A CORS misconfiguration in danswer-ai/danswer v1.4.1 allows attackers to steal sensitive... High Unreviewed
CVE-2024-7819 was published Mar 20, 2025
GPT Academy version 3.83 in the binary-husky/gpt_academic repository is vulnerable to Cross-Site... High Unreviewed
CVE-2024-10956 was published Mar 20, 2025
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web... High Unreviewed
CVE-2025-21511 was published Jan 21, 2025
An origin validation error vulnerability in Trend Micro Apex One could allow a local attacker to... High Unreviewed
CVE-2024-55917 was published Dec 31, 2024
There is an insufficient input verification vulnerability in Huawei product. Successful... High Unreviewed
CVE-2022-32144 was published Dec 20, 2024
lilishop <=4.2.4 is vulnerable to Incorrect Access Control, which can allow attackers to obtain... High Unreviewed
CVE-2024-50654 was published Nov 15, 2024
Origin Validation Error vulnerability in Dataprom Informatics Personnel Attendance Control... High Unreviewed
CVE-2024-10534 was published Nov 15, 2024
A CORS misconfiguration in parisneo/lollms-webui prior to version 10 allows attackers to steal... High Unreviewed
CVE-2024-6674 was published Oct 29, 2024
Incorrect access control in Mirotalk before commit 9de226 allows attackers to arbitrarily change... High Unreviewed
CVE-2024-44734 was published Oct 11, 2024
An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under... High Unreviewed
CVE-2024-9393 was published Oct 1, 2024
While copying individual autoupdater log files, reparse point check was missing which could... High Unreviewed
CVE-2024-23458 was published Aug 6, 2024
Origin validation error vulnerability exists in SKYSEA Client View Ver.3.013.00 to Ver.19.210.04e... High Unreviewed
CVE-2024-41143 was published Jul 29, 2024
Origin Validation Error in GitHub repository stitionai/devika prior to -. High Unreviewed
CVE-2024-5549 was published Jul 9, 2024
An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local... High Unreviewed
CVE-2024-36303 was published Jun 11, 2024
An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local... High Unreviewed
CVE-2024-36302 was published Jun 11, 2024
An origin validation vulnerability exists in BIG-IP APM browser network access VPN client ... High Unreviewed
CVE-2024-28883 was published May 8, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database