GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
241 advisories
Improper Restriction of Rendered UI Layers or Frames in GitHub repository polonel/trudesk prior...
Severity: Moderate | Unreviewed | CVE-2022-1803 was published May 21, 2022

IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, and 1.0.2 could allow a remote attacker to...
Severity: Moderate | Unreviewed | CVE-2019-4217 was published May 24, 2022

The response header has not enabled X-FRAME-OPTIONS, Which helps prevents against Clickjacking...
Severity: Moderate | Unreviewed | CVE-2022-3260 was published Dec 8, 2022

IBM WebSphere Application Server - Liberty Admin Center could allow a remote attacker to hijack...
Severity: Moderate | Unreviewed | CVE-2019-4285 was published May 24, 2022

A vulnerability in the web-based interface of Cisco HyperFlex Software could allow an...
Severity: Moderate | Unreviewed | CVE-2019-1975 was published May 24, 2022

A vulnerability, which was classified as problematic, has been found in SourceCodester Gym...
Severity: Moderate | Unreviewed | CVE-2022-2800 was published Aug 13, 2022

IBM Robotic Process Automation 21.0.0 could allow a remote attacker to hijack the clicking action...
Severity: Moderate | Unreviewed | CVE-2022-22503 was published Oct 6, 2022

Improper Restriction of Rendered UI Layers or Frames in GitHub repository openemr/openemr prior...
Severity: Unknown | Unreviewed | CVE-2022-2734 was published Aug 10, 2022

In onCreate of various files, there is a possible tapjacking/overlay attack. This could lead to...
Severity: High | Unreviewed | CVE-2022-20520 was published Dec 20, 2022

Through a series of navigations, Firefox could have entered fullscreen mode without notification...
Severity: Moderate | Unreviewed | CVE-2021-38506 was published Dec 9, 2021

Due to an unusual sequence of attacker-controlled events, a Javascript alert() dialog with...
Severity: Moderate | Unreviewed | CVE-2021-38509 was published Dec 9, 2021

It was possible to recreate previous cursor spoofing attacks against users with a zoomed native...
Severity: Moderate | Unreviewed | CVE-2021-43546 was published Dec 9, 2021

By displaying a form validity message in the correct location at the same time as a permission...
Severity: Moderate | Unreviewed | CVE-2021-38508 was published Dec 9, 2021

A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) ...
Severity: Moderate | Unreviewed | CVE-2019-13924 was published May 24, 2022

A vulnerability has been identified in Desigo Insight (All versions). The device does not...
Severity: Moderate | Unreviewed | CVE-2020-15793 was published May 24, 2022

This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in Safari...
Severity: Moderate | Unreviewed | CVE-2019-8771 was published May 24, 2022

IBM App Connect Enterprise Certified Container 1.0.0, 1.0.1, 1.0.2, 1.0.3, and 1.0.4 could allow...
Severity: Moderate | Unreviewed | CVE-2020-4785 was published May 24, 2022

Cross-origin iframes that contained a login form could have been recognized by the login autofill...
Severity: Moderate | Unreviewed | CVE-2020-26962 was published May 24, 2022

An inconsistent user interface issue was addressed with improved state management. This issue is...
Severity: Moderate | Unreviewed | CVE-2020-9942 was published May 24, 2022

A CWE-1021: Improper Restriction of Rendered UI Layers or Frames vulnerability exists in Easergy...
Severity: Moderate | Unreviewed | CVE-2020-28218 was published May 24, 2022

Vidyo 02-09-/D allows clickjacking via the portal/ URI.
Severity: Moderate | Unreviewed | CVE-2020-35735 was published May 24, 2022

It was possible to cause the browser to enter fullscreen mode without displaying the security UI;...
Severity: Moderate | Unreviewed | CVE-2020-26953 was published May 24, 2022

A spoofing issue existed in the handling of URLs. This issue was addressed with improved input...
Severity: Moderate | Unreviewed | CVE-2020-9945 was published May 24, 2022

An inconsistent user interface issue was addressed with improved state management. This issue is...
Severity: Moderate | Unreviewed | CVE-2020-9987 was published May 24, 2022

Insufficient data validation in UI in Google Chrome prior to 87.0.4280.66 allowed a remote...
Severity: Moderate | Unreviewed | CVE-2020-16031 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.