Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
22
Go
2,095
Maven
5,000+
npm
3,762
NuGet
678
pip
3,447
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

228 advisories

Loading
Clickjacking vulnerability in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x... Moderate Unreviewed
CVE-2017-4015 was published May 17, 2022
In functionality implemented in System UI, there are insufficient protections implemented around... High Unreviewed
CVE-2018-9524 was published May 13, 2022
In computeFocusedWindow of RootWindowContainer.java, and related functions, there is possible... High Unreviewed
CVE-2018-9458 was published May 13, 2022
TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n devices allow... Moderate Unreviewed
CVE-2018-12576 was published May 13, 2022
Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, failed to prevent alerts from... Moderate Unreviewed
CVE-2017-5026 was published May 13, 2022
Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for... Moderate Unreviewed
CVE-2017-5016 was published May 13, 2022
An issue was discovered in Adobe Connect 9.6.2 and earlier versions. A UI Redress (or... Moderate Unreviewed
CVE-2017-11290 was published May 13, 2022
An elevation of privilege vulnerability in the System UI could enable a local malicious... Moderate Unreviewed
CVE-2017-0492 was published May 13, 2022
The file-download implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 does... Moderate Unreviewed
CVE-2014-1480 was published May 13, 2022
Mozilla Firefox before 26.0 and SeaMonkey before 2.23 do not properly consider the sandbox... Moderate Unreviewed
CVE-2013-5614 was published May 13, 2022
Insufficient protection of permission UI in WebAPKs in Google Chrome on Android prior to 72.0... Moderate Unreviewed
CVE-2019-5767 was published May 13, 2022
In PrestaShop through 1.7.2.5, a UI-Redressing/Clickjacking vulnerability was found that might... High Unreviewed
CVE-2018-7491 was published May 13, 2022
A missing X-Frame-Options header in the Green Electronics RainMachine Mini-8 (2nd Generation) and... Moderate Unreviewed
CVE-2018-6909 was published May 13, 2022
Eliding from the wrong side in an infobar in DevTools in Google Chrome prior to 68.0.3440.75... Moderate Unreviewed
CVE-2018-6178 was published May 13, 2022
When the RSS Feed preview about:feeds page is framed within another page, it can be used in... High Unreviewed
CVE-2018-18496 was published May 13, 2022
IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 could allow... Moderate Unreviewed
CVE-2018-1803 was published May 13, 2022
Improper countermeasure against clickjacking attack in client certificates management screen was... Moderate Unreviewed
CVE-2018-16172 was published May 13, 2022
A vulnerability in the web UI of Cisco Unified Communications Manager (Unified CM) could allow an... Moderate Unreviewed
CVE-2018-0355 was published May 13, 2022
A vulnerability in the web UI of Cisco HyperFlex Software could allow an unauthenticated, remote... Moderate Unreviewed
CVE-2018-15423 was published May 13, 2022
Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote attackers to bypass the Same... Moderate Unreviewed
CVE-2014-1483 was published May 13, 2022
IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) could allow a remote attacker to... Moderate Unreviewed
CVE-2018-1853 was published May 13, 2022
Microsoft Internet Explorer 6, 7, and 8 does not enforce intended domain restrictions on content... Moderate Unreviewed
CVE-2011-1244 was published May 13, 2022
This vulnerability allows users to execute a clickjacking attack in the meeting's chat. Moderate Unreviewed
CVE-2021-27773 was published May 13, 2022
Unspecified vulnerability in Opera before 9.5 allows remote attackers to spoof the contents of... Moderate Unreviewed
CVE-2008-2716 was published May 1, 2022
A design error in Opera 8.01 and earlier allows user-assisted attackers to execute arbitrary code... Moderate Unreviewed
CVE-2005-2407 was published May 1, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database