Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,285
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,741
NuGet
668
pip
3,422
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+

237 advisories

Loading
Microsoft Internet Explorer 6, 7, and 8 does not enforce intended domain restrictions on content... Moderate Unreviewed
CVE-2011-1244 was published May 13, 2022
This vulnerability allows users to execute a clickjacking attack in the meeting's chat. Moderate Unreviewed
CVE-2021-27773 was published May 13, 2022
Unspecified vulnerability in Opera before 9.5 allows remote attackers to spoof the contents of... Moderate Unreviewed
CVE-2008-2716 was published May 1, 2022
A design error in Opera 8.01 and earlier allows user-assisted attackers to execute arbitrary code... Moderate Unreviewed
CVE-2005-2407 was published May 1, 2022
In HarmfulAppWarningActivity of HarmfulAppWarningActivity.java, there is a possible way to trick... High Unreviewed
CVE-2021-39796 was published Apr 13, 2022
In JetBrains YouTrack before 2022.1.43563 it was possible to include an iframe from a third-party... Moderate Unreviewed
CVE-2022-28649 was published Apr 6, 2022
The DuckDuckGo browser 7.64.4 on iOS allows Address Bar Spoofing due to mishandling of the... High Unreviewed
CVE-2021-44683 was published Mar 27, 2022
In onCreate of RequestManageCredentials.java, there is a possible way for a third party app to... High Unreviewed
CVE-2021-39702 was published Mar 17, 2022
In onCreate of SetupLayoutActivity.java, there is a possible way to setup a work profile... High Unreviewed
CVE-2021-39692 was published Mar 17, 2022
Improper Restriction of Rendered UI Layers or Frames in Sylius Moderate
CVE-2022-24733 was published for sylius/sylius (Composer) Mar 14, 2022
Spoofing attack in swagger-ui-dist Moderate
CVE-2021-46708 was published for swagger-ui-dist (npm) Mar 12, 2022
An attacker could trick a user of Hitachi ABB Power Grids Ellipse Enterprise Asset Management ... Moderate Unreviewed
CVE-2021-27414 was published Mar 12, 2022
Cockpit (and its plugins) do not seem to protect itself against clickjacking. It is possible to... Moderate Unreviewed
CVE-2021-3660 was published Mar 11, 2022
SmartBear CodeCollaborator v6.1.6102 was discovered to contain a vulnerability in the web UI... Moderate Unreviewed
CVE-2021-41657 was published Mar 11, 2022
IBM WebSphere Application Server 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3... Moderate Unreviewed
CVE-2021-39038 was published Feb 25, 2022
In onCreate of InstallCaCertificateWarning.java, there is a possible way to mislead an user about... High Unreviewed
CVE-2021-39669 was published Feb 12, 2022
A CWE-1021 Improper Restriction of Rendered UI Layers or Frames vulnerability exists that could... High Unreviewed
CVE-2022-22807 was published Feb 11, 2022
A CWE-1021 Improper Restriction of Rendered UI Layers or Frames vulnerability exists that could... Moderate Unreviewed
CVE-2021-22819 was published Jan 29, 2022
Dell EMC AppSync versions 3.9 to 4.3 contain a clickjacking vulnerability in AppSync. A remote... Moderate Unreviewed
CVE-2022-22552 was published Jan 22, 2022
In LocationSettingsActivity of AndroidManifest.xml, there is a possible EoP due to a tapjacking... High Unreviewed
CVE-2021-1036 was published Jan 15, 2022
In Ultimaker S3 3D printer, Ultimaker S5 3D printer, Ultimaker 3 3D printer S-line through 6.3... High Unreviewed
CVE-2021-34087 was published Jan 11, 2022
In ResolverActivity, there is a possible user interaction bypass due to a tapjacking/overlay... High Unreviewed
CVE-2021-0954 was published Dec 16, 2021
In onCreate of KeyChainActivity.java, there is a possible way to use an app certificate stored in... High Unreviewed
CVE-2021-0963 was published Dec 16, 2021
In several functions of DatabaseManager.java, there is a possible leak of Bluetooth MAC addresses... Moderate Unreviewed
CVE-2021-1006 was published Dec 16, 2021
In onCreate of UsbPermissionActivity.java, there is a possible way to grant an app access to USB... High Unreviewed
CVE-2021-1016 was published Dec 16, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database