GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
241 advisories
In ResolverActivity, there is a possible user interaction bypass due to a tapjacking/overlay...
High | Unreviewed | CVE-2021-0954 was published Dec 16, 2021

The file-download implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 does...
Moderate | Unreviewed | CVE-2014-1480 was published May 13, 2022

Mozilla Firefox before 26.0 and SeaMonkey before 2.23 do not properly consider the sandbox...
Moderate | Unreviewed | CVE-2013-5614 was published May 13, 2022

An elevation of privilege vulnerability in the System UI could enable a local malicious...
Moderate | Unreviewed | CVE-2017-0492 was published May 13, 2022

An issue was discovered in Adobe Connect 9.6.2 and earlier versions. A UI Redress (or...
Moderate | Unreviewed | CVE-2017-11290 was published May 13, 2022

The issue was addressed with improved UI handling. This issue is fixed in watchOS 7.0, Safari 14...
Moderate | Unreviewed | CVE-2020-9993 was published May 24, 2022

Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, failed to prevent alerts from...
Moderate | Unreviewed | CVE-2017-5026 was published May 13, 2022

Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for...
Moderate | Unreviewed | CVE-2017-5016 was published May 13, 2022

TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n devices allow...
Moderate | Unreviewed | CVE-2018-12576 was published May 13, 2022

In functionality implemented in System UI, there are insufficient protections implemented around...
High | Unreviewed | CVE-2018-9524 was published May 13, 2022

In computeFocusedWindow of RootWindowContainer.java, and related functions, there is possible...
High | Unreviewed | CVE-2018-9458 was published May 13, 2022

IBM WebSphere eXtreme Scale 8.6 Admin Console could allow a remote attacker to hijack the...
Moderate | Unreviewed | CVE-2019-4109 was published May 24, 2022

IBM Cloud Application Performance Management 8.1.4 could allow a remote attacker to hijack the...
Moderate | Unreviewed | CVE-2019-4086 was published May 24, 2022

A CWE-1021 Improper Restriction of Rendered UI Layers or Frames vulnerability exists that could...
High | Unreviewed | CVE-2022-22807 was published Feb 11, 2022

In Ultimaker S3 3D printer, Ultimaker S5 3D printer, Ultimaker 3 3D printer S-line through 6.3...
High | Unreviewed | CVE-2021-34087 was published Jan 11, 2022

In LocationSettingsActivity of AndroidManifest.xml, there is a possible EoP due to a tapjacking...
High | Unreviewed | CVE-2021-1036 was published Jan 15, 2022

Dell EMC AppSync versions 3.9 to 4.3 contain a clickjacking vulnerability in AppSync. A remote...
Moderate | Unreviewed | CVE-2022-22552 was published Jan 22, 2022

A CWE-1021 Improper Restriction of Rendered UI Layers or Frames vulnerability exists that could...
Moderate | Unreviewed | CVE-2021-22819 was published Jan 29, 2022

In onCreate of InstallCaCertificateWarning.java, there is a possible way to mislead an user about...
High | Unreviewed | CVE-2021-39669 was published Feb 12, 2022

IBM WebSphere Application Server 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3...
Moderate | Unreviewed | CVE-2021-39038 was published Feb 25, 2022

IBM BigFix Platform 9.2 and 9.5 could allow a low-privilege user to manipulate the UI into...
Moderate | Unreviewed | CVE-2019-4058 was published May 24, 2022

In onCreate of MasterClearConfirmFragment.java, there is a possible factory reset due to a...
Moderate | Unreviewed | CVE-2022-20215 was published Jan 26, 2023

In Car Settings app, the toggle button in Modify system settings is vulnerable to tapjacking...
Moderate | Unreviewed | CVE-2022-20214 was published Jan 26, 2023

Improper Restriction of Rendered UI Layers or Frames vulnerability in Mitsubishi Electric...
Moderate | Unreviewed | CVE-2022-40268 was published Feb 2, 2023

Cockpit (and its plugins) do not seem to protect itself against clickjacking. It is possible to...
Moderate | Unreviewed | CVE-2021-3660 was published Mar 11, 2022