GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,018
Composer 4,300
Erlang 31
GitHub Actions 21
Go 2,069
Maven 5,241
npm 3,744
NuGet 668
pip 3,429
Pub 12
RubyGems 892
Rust 880
Swift 36

Unreviewed advisories

All unreviewed 240,550

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

226 advisories

Filter by severity

Sort by

Least recently updated

In onCreate of BluetoothPermissionActivity.java, there is a possible permissions bypass due to a... High Unreviewed

CVE-2021-0333 was published May 24, 2022

In PackageInstaller, there is a possible tapjacking attack due to an insecure default value. This... High Unreviewed

CVE-2021-0305 was published May 24, 2022

In onCreate of UninstallerActivity, there is a possible way to uninstall an all without informed... High Unreviewed

CVE-2021-0314 was published May 24, 2022

In PackageInstaller, there is a possible tapjacking attack due to an insecure default value. This... High Unreviewed

CVE-2021-0302 was published May 24, 2022

SAP Business Objects BI Platform, versions - 410, 420, 430, allows multiple X-Frame-Options... Moderate Unreviewed

CVE-2021-21444 was published May 24, 2022

Inappropriate implementation in iframe sandbox in Google Chrome prior to 88.0.4324.96 allowed a... Moderate Unreviewed

CVE-2021-21139 was published May 24, 2022

Inappropriate implementation in DevTools in Google Chrome prior to 88.0.4324.96 allowed a remote... Critical Unreviewed

CVE-2021-21132 was published May 24, 2022

IBM Jazz Foundation products could allow a remote attacker to hijack the clicking action of the... Moderate Unreviewed

CVE-2020-4547 was published May 24, 2022

In onCreate of GrantCredentialsPermissionActivity.java, there is a possible way to convince the... High Unreviewed

CVE-2021-0315 was published May 24, 2022

Insufficient policy enforcement in WebUI in Google Chrome prior to 87.0.4280.141 allowed an... Critical Unreviewed

CVE-2021-21111 was published May 24, 2022

IBM Spectrum Protect Plus 10.1.0 through 10.1.6 could allow a remote attacker to hijack the... Moderate Unreviewed

CVE-2020-5020 was published May 24, 2022

Insufficient data validation in sharing in Google Chrome prior to 87.0.4280.66 allowed a remote... Moderate Unreviewed

CVE-2020-16032 was published May 24, 2022

Inappropriate implementation in WebUSB in Google Chrome prior to 87.0.4280.66 allowed a remote... Moderate Unreviewed

CVE-2020-16033 was published May 24, 2022

Insufficient data validation in UI in Google Chrome prior to 87.0.4280.66 allowed a remote... Moderate Unreviewed

CVE-2020-16031 was published May 24, 2022

Vidyo 02-09-/D allows clickjacking via the portal/ URI. Moderate Unreviewed

CVE-2020-35735 was published May 24, 2022

A CWE-1021: Improper Restriction of Rendered UI Layers or Frames vulnerability exists in Easergy... Moderate Unreviewed

CVE-2020-28218 was published May 24, 2022

The issue was addressed with improved UI handling. This issue is fixed in watchOS 7.0, Safari 14... Moderate Unreviewed

CVE-2020-9993 was published May 24, 2022

An inconsistent user interface issue was addressed with improved state management. This issue is... Moderate Unreviewed

CVE-2020-9987 was published May 24, 2022

A spoofing issue existed in the handling of URLs. This issue was addressed with improved input... Moderate Unreviewed

CVE-2020-9945 was published May 24, 2022

An inconsistent user interface issue was addressed with improved state management. This issue is... Moderate Unreviewed

CVE-2020-9942 was published May 24, 2022

Cross-origin iframes that contained a login form could have been recognized by the login autofill... Moderate Unreviewed

CVE-2020-26962 was published May 24, 2022

It was possible to cause the browser to enter fullscreen mode without displaying the security UI;... Moderate Unreviewed

CVE-2020-26953 was published May 24, 2022

IBM App Connect Enterprise Certified Container 1.0.0, 1.0.1, 1.0.2, 1.0.3, and 1.0.4 could allow... Moderate Unreviewed

CVE-2020-4785 was published May 24, 2022

This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in Safari... Moderate Unreviewed

CVE-2019-8771 was published May 24, 2022

User Interface (UI) Misrepresentation of Critical Information vulnerability in the address bar of... Moderate Unreviewed

CVE-2020-7371 was published May 24, 2022

Previous 1 2 3 4 5 6 7 8 9 10 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

226 advisories