Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,300
Erlang
31
GitHub Actions
21
Go
2,069
Maven
5,000+
npm
3,744
NuGet
668
pip
3,429
Pub
12
RubyGems
892
Rust
880
Swift
36
Unreviewed advisories
All unreviewed
5,000+

241 advisories

Loading
IBM Jazz Foundation products could allow a remote attacker to hijack the clicking action of the... Moderate Unreviewed
CVE-2020-4547 was published May 24, 2022
Inappropriate implementation in DevTools in Google Chrome prior to 88.0.4324.96 allowed a remote... Critical Unreviewed
CVE-2021-21132 was published May 24, 2022
Inappropriate implementation in iframe sandbox in Google Chrome prior to 88.0.4324.96 allowed a... Moderate Unreviewed
CVE-2021-21139 was published May 24, 2022
SAP Business Objects BI Platform, versions - 410, 420, 430, allows multiple X-Frame-Options... Moderate Unreviewed
CVE-2021-21444 was published May 24, 2022
In PackageInstaller, there is a possible tapjacking attack due to an insecure default value. This... High Unreviewed
CVE-2021-0305 was published May 24, 2022
In onCreate of UninstallerActivity, there is a possible way to uninstall an all without informed... High Unreviewed
CVE-2021-0314 was published May 24, 2022
In PackageInstaller, there is a possible tapjacking attack due to an insecure default value. This... High Unreviewed
CVE-2021-0302 was published May 24, 2022
In onCreate of NotificationAccessConfirmationActivity.java, there is a possible overlay attack... High Unreviewed
CVE-2021-0331 was published May 24, 2022
In onCreate of BluetoothPermissionActivity.java, there is a possible permissions bypass due to a... High Unreviewed
CVE-2021-0333 was published May 24, 2022
The browser could have been confused into transferring a pointer lock state into another tab,... Moderate Unreviewed
CVE-2021-23955 was published May 24, 2022
When accepting a malicious intent from other installed apps, Firefox for Android accepted... High Unreviewed
CVE-2021-23976 was published May 24, 2022
The Config UI component of TIBCO Software Inc.'s TIBCO API Exchange Gateway and TIBCO API... Critical Unreviewed
CVE-2021-23274 was published May 24, 2022
A vulnerability in the web UI feature of Cisco IOS XE Software could allow an unauthenticated,... High Unreviewed
CVE-2021-1403 was published May 24, 2022
A UI misrepresentation vulnerability was identified in GitHub Enterprise Server that allowed more... High Unreviewed
CVE-2021-22866 was published May 24, 2022
It was discovered that OpenShift Container Platform's (OCP) distribution of Kibana could open in... Moderate Unreviewed
CVE-2020-10743 was published May 24, 2022
In onCreate of WifiScanModeActivity.java, there is a possible way to enable Wi-Fi scanning... High Unreviewed
CVE-2021-0523 was published May 24, 2022
In ActivityPicker.java, there is a possible bypass of user interaction in intent resolution due... High Unreviewed
CVE-2021-0506 was published May 24, 2022
In onCreate of EmergencyCallbackModeExitDialog.java, there is a possible exit of emergency... High Unreviewed
CVE-2021-0538 was published May 24, 2022
In onCreate of WiFiInstaller.java, there is a possible way to install a malicious Hotspot 2.0... High Unreviewed
CVE-2021-0537 was published May 24, 2022
In onStart of ContactsDumpActivity.java, there is possible access to contacts due to a tapjacking... Moderate Unreviewed
CVE-2021-0569 was published May 24, 2022
Text injection/Content Spoofing in 404 page in Zammad 1.0.x up to 4.0.0 could allow remote... Moderate Unreviewed
CVE-2021-35300 was published May 24, 2022
In onCreate of DevicePickerFragment.java, there is a possible way to trick the user to select an... High Unreviewed
CVE-2021-0586 was published May 24, 2022
IBM Sterling Connect:Direct Browser User Interface 1.4.1.1 and 1.5.0.2 could allow a remote... Moderate Unreviewed
CVE-2021-20560 was published May 24, 2022
Showing the legitimate URL in the address bar while loading the content from other domain. This... Moderate Unreviewed
CVE-2021-33596 was published May 24, 2022
A vulnerability in the web UI of Gurock TestRail v5.3.0.3603 could allow an unauthenticated,... Moderate Unreviewed
CVE-2021-37788 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database