Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,944
Erlang
29
GitHub Actions
16
Go
1,729
Maven
4,955
npm
3,489
NuGet
607
pip
3,056
Pub
10
RubyGems
832
Rust
778
Swift
34
Unreviewed advisories
All unreviewed
5,000+

6 advisories

Keycloak vulnerable to impersonation via logout token exchange Low
CVE-2023-0657 was published for org.keycloak:keycloak-services (Maven) Apr 17, 2024
Microsoft Edge (Chromium-based) Spoofing Vulnerability Low Unreviewed
CVE-2024-21383 was published Jan 26, 2024
Acrobat Reader DC for macOS versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier)... Low Unreviewed
CVE-2020-24439 was published May 24, 2022
A spoofing vulnerability exists when Windows incorrectly validates file signatures, aka 'Windows... Low Unreviewed
CVE-2020-1464 was published May 24, 2022
IBM Cognos Analytics 11 Configuration tool, under certain circumstances, will bypass OIDC... Low Unreviewed
CVE-2018-1842 was published May 13, 2022
SAML XML Signature wrapping in PySAML2 Low
CVE-2021-21238 was published for pysaml2 (pip) Jan 21, 2021
VictorSG
ProTip! Advisories are also available from the GraphQL API