Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,300
Erlang
31
GitHub Actions
21
Go
2,069
Maven
5,000+
npm
3,744
NuGet
668
pip
3,429
Pub
12
RubyGems
892
Rust
880
Swift
36
Unreviewed advisories
All unreviewed
5,000+

180 advisories

Loading
A background script invoking <code>requestFullscreen</code> and then blocking the main thread... Moderate Unreviewed
CVE-2023-25730 was published Jun 2, 2023
By displaying a prompt with a long description, the fullscreen notification could have been... Moderate Unreviewed
CVE-2023-25748 was published Jun 2, 2023
The fullscreen notification could have been hidden on Firefox for Android by using download... Moderate Unreviewed
CVE-2023-28159 was published Jun 2, 2023
An issue has been discovered in GitLab CE/EE affecting all versions starting from 1.2 before 15... Moderate Unreviewed
CVE-2023-2013 was published Jun 7, 2023
Inappropriate implementation in Downloads in Google Chrome prior to 125.0.6422.60 allowed a... Moderate Unreviewed
CVE-2024-4950 was published May 15, 2024
IBM InfoSphere Information Server 11.7 could allow a remote attacker to hijack the clicking... Moderate Unreviewed
CVE-2021-29827 was published Dec 19, 2024
A malicious website could have used a combination of exiting fullscreen mode and ... Moderate Unreviewed
CVE-2024-1550 was published Feb 20, 2024
A crafted URL containing Arabic script and whitespace characters could have hidden the true... Moderate Unreviewed
CVE-2024-11695 was published Nov 26, 2024
Telegram v9.6.3 on iOS allows attackers to hide critical information on the User Interface via... Moderate Unreviewed
CVE-2023-34658 was published Jun 29, 2023
Under certain circumstances, navigating to a webpage would result in the address missing from the... Moderate Unreviewed
CVE-2024-53976 was published Nov 26, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 17.2 prior to 17.3.7... Moderate Unreviewed
CVE-2024-7404 was published Nov 14, 2024
Inappropriate implementation in Compositing in Google Chrome prior to 119.0.6045.105 allowed a... Moderate Unreviewed
CVE-2023-7013 was published Jul 17, 2024
Clickjacking vulnerability in Clibo Manager v1.1.9.12 in the '/public/login' directory, a login... Moderate Unreviewed
CVE-2024-10454 was published Oct 31, 2024
Multiple prompts and panels from both Firefox and the Android OS could be used to obscure the... Moderate Unreviewed
CVE-2024-8388 was published Sep 3, 2024
Select options could obscure the fullscreen notification dialog. This could be used by a... Moderate Unreviewed
CVE-2024-7518 was published Aug 6, 2024
Sametime is impacted by lack of clickjacking protection in Outlook add-in. The application is not... Moderate Unreviewed
CVE-2023-45698 was published Feb 10, 2024
A missing delay in directory upload UI could have made it possible for an attacker to trick a... Moderate Unreviewed
CVE-2024-9397 was published Oct 1, 2024
Clickjacking in zenml Moderate
CVE-2024-2383 was published for zenml (pip) Jun 6, 2024
By manipulating the fullscreen feature while opening a data-list, an attacker could have overlaid... Moderate Unreviewed
CVE-2024-5698 was published Jun 11, 2024
The issue was addressed with improved UI handling. This issue is fixed in macOS Sonoma 14.6,... Moderate Unreviewed
CVE-2024-40817 was published Jul 30, 2024
A Cross Window Forgery vulnerability exists within GitLab CE/EE affecting all versions from 16.3... Moderate Unreviewed
CVE-2024-2177 was published Jul 9, 2024
IBM Sterling B2B Integrator Standard Edition 6.1 and 6.2 does not restrict or incorrectly... Moderate Unreviewed
CVE-2023-42011 was published Jun 27, 2024
Microsoft Edge for Android Spoofing Vulnerability Moderate Unreviewed
CVE-2024-26167 was published Mar 7, 2024
EC-CUBE Improper Restriction of Rendered UI Layers or Frames Moderate
CVE-2020-5679 was published for ec-cube/ec-cube (Composer) May 24, 2022
Improper Restriction of Rendered UI Layers or Frames vulnerability in Automattic Jetpack allows... Moderate Unreviewed
CVE-2023-47774 was published Apr 24, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database