GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
181 advisories
A missing X-Frame-Options header in the Green Electronics RainMachine Mini-8 (2nd Generation) and...
Moderate
Unreviewed
CVE-2018-6909
was published
May 13, 2022
Eliding from the wrong side in an infobar in DevTools in Google Chrome prior to 68.0.3440.75...
Moderate
Unreviewed
CVE-2018-6178
was published
May 13, 2022
Improper countermeasure against clickjacking attack in client certificates management screen was...
Moderate
Unreviewed
CVE-2018-16172
was published
May 13, 2022
IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 could allow...
Moderate
Unreviewed
CVE-2018-1803
was published
May 13, 2022
A vulnerability in the web UI of Cisco Unified Communications Manager (Unified CM) could allow an...
Moderate
Unreviewed
CVE-2018-0355
was published
May 13, 2022
A vulnerability in the web UI of Cisco HyperFlex Software could allow an unauthenticated, remote...
Moderate
Unreviewed
CVE-2018-15423
was published
May 13, 2022
Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote attackers to bypass the Same...
Moderate
Unreviewed
CVE-2014-1483
was published
May 13, 2022
Improper Restriction of Rendered UI Layers or Frames in Keycloak
Moderate
CVE-2020-1728
was published
for
org.keycloak:keycloak-core
(Maven)
Apr 15, 2020
IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) could allow a remote attacker to...
Moderate
Unreviewed
CVE-2018-1853
was published
May 13, 2022
Microsoft Internet Explorer 6, 7, and 8 does not enforce intended domain restrictions on content...
Moderate
Unreviewed
CVE-2011-1244
was published
May 13, 2022
This vulnerability allows users to execute a clickjacking attack in the meeting's chat.
Moderate
Unreviewed
CVE-2021-27773
was published
May 13, 2022
A vulnerable code in onCreate of SecDevicePickerDialog prior to SMR Aug-2022 Release 1, allows...
Moderate
Unreviewed
CVE-2022-33727
was published
Aug 6, 2022
A vulnerable code in onCreate of BluetoothScanDialog prior to SMR Aug-2022 Release 1, allows...
Moderate
Unreviewed
CVE-2022-33723
was published
Aug 6, 2022
Unspecified vulnerability in Opera before 9.5 allows remote attackers to spoof the contents of...
Moderate
Unreviewed
CVE-2008-2716
was published
May 1, 2022
A design error in Opera 8.01 and earlier allows user-assisted attackers to execute arbitrary code...
Moderate
Unreviewed
CVE-2005-2407
was published
May 1, 2022
Due to a layout change, iframe contents could have been rendered outside of its border. This...
Moderate
Unreviewed
CVE-2022-28286
was published
Dec 22, 2022
When receiving an HTML email that specified to load an iframe element from a remote...
Moderate
Unreviewed
CVE-2022-3034
was published
Dec 22, 2022
InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 management portal does not...
Moderate
Unreviewed
CVE-2021-38472
was published
May 24, 2022
A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer....
Moderate
Unreviewed
CVE-2021-27467
was published
May 24, 2022
IBM CICS TX 11.1 could allow a remote attacker to hijack the clicking action of the victim. By...
Moderate
Unreviewed
CVE-2022-34318
was published
Dec 12, 2022
Hashicorp Boundary vulnerable to clickjacking
Moderate
CVE-2022-36182
was published
for
github.com/hashicorp/boundary
(Go)
Oct 27, 2022
Clustered Data ONTAP versions prior to 9.5P18, 9.6P15, 9.7P14, 9.8P5 and 9.9.1 are missing an X...
Moderate
Unreviewed
CVE-2021-27003
was published
May 24, 2022
Incorrect security UI in Web Browser UI in Google Chrome prior to 94.0.4606.54 allowed a remote...
Moderate
Unreviewed
CVE-2021-37971
was published
May 24, 2022
grav-plugin-admin is vulnerable to Improper Restriction of Rendered UI Layers or Frames
Moderate
Unreviewed
CVE-2021-3799
was published
May 24, 2022
A vulnerability involving insufficient HTTP security headers has been reported to affect QNAP NAS...
Moderate
Unreviewed
CVE-2018-19957
was published
May 24, 2022