GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
237 advisories
Filter by severity
IBM InfoSphere Information Server 11.7 could allow a remote attacker to hijack the clicking...
Moderate
Unreviewed
CVE-2021-29827
was published
Dec 19, 2024
Under certain circumstances, navigating to a webpage would result in the address missing from the...
Moderate
Unreviewed
CVE-2024-53976
was published
Nov 26, 2024
Malicious websites may have been able to user intent confirmation through tapjacking. This could...
High
Unreviewed
CVE-2024-11700
was published
Nov 26, 2024
A crafted URL containing Arabic script and whitespace characters could have hidden the true...
Moderate
Unreviewed
CVE-2024-11695
was published
Nov 26, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 17.2 prior to 17.3.7...
Moderate
Unreviewed
CVE-2024-7404
was published
Nov 14, 2024
Clickjacking vulnerability in Clibo Manager v1.1.9.12 in the '/public/login' directory, a login...
Moderate
Unreviewed
CVE-2024-10454
was published
Oct 31, 2024
Opening an external link to an HTTP website when Firefox iOS was previously closed and had an...
Critical
Unreviewed
CVE-2024-10004
was published
Oct 16, 2024
A missing delay in directory upload UI could have made it possible for an attacker to trick a...
Moderate
Unreviewed
CVE-2024-9397
was published
Oct 1, 2024
Multiple prompts and panels from both Firefox and the Android OS could be used to obscure the...
Moderate
Unreviewed
CVE-2024-8388
was published
Sep 3, 2024
In setTransactionState of SurfaceFlinger.cpp, there is a possible way to perform tapjacking due...
High
Unreviewed
CVE-2024-34743
was published
Aug 16, 2024
A select option could partially obscure security prompts. This could be used by a malicious site...
High
Unreviewed
CVE-2024-7523
was published
Aug 6, 2024
Select options could obscure the fullscreen notification dialog. This could be used by a...
Moderate
Unreviewed
CVE-2024-7518
was published
Aug 6, 2024
The issue was addressed with improved UI handling. This issue is fixed in macOS Sonoma 14.6,...
Moderate
Unreviewed
CVE-2024-40817
was published
Jul 30, 2024
Inappropriate implementation in Compositing in Google Chrome prior to 119.0.6045.105 allowed a...
Moderate
Unreviewed
CVE-2023-7013
was published
Jul 17, 2024
In onCreate of multiple files, there is a possible way to trick the user into granting health...
High
Unreviewed
CVE-2024-31323
was published
Jul 9, 2024
In hide of WindowState.java, there is a possible way to bypass tapjacking/overlay protection by...
High
Unreviewed
CVE-2024-31324
was published
Jul 9, 2024
A Cross Window Forgery vulnerability exists within GitLab CE/EE affecting all versions from 16.3...
Moderate
Unreviewed
CVE-2024-2177
was published
Jul 9, 2024
IBM Sterling B2B Integrator Standard Edition 6.1 and 6.2 does not restrict or incorrectly...
Moderate
Unreviewed
CVE-2023-42011
was published
Jun 27, 2024
LB-LINK BL-W1210M v2.0 was discovered to contain a clickjacking vulnerability via the...
High
Unreviewed
CVE-2024-33377
was published
Jun 14, 2024
By manipulating the fullscreen feature while opening a data-list, an attacker could have overlaid...
Moderate
Unreviewed
CVE-2024-5698
was published
Jun 11, 2024
Inappropriate implementation in Downloads in Google Chrome prior to 125.0.6422.60 allowed a...
Moderate
Unreviewed
CVE-2024-4950
was published
May 15, 2024
Improper Restriction of Rendered UI Layers or Frames vulnerability in Automattic Jetpack allows...
Moderate
Unreviewed
CVE-2023-47774
was published
Apr 24, 2024
An unauthenticated remote attacker can deceive users into performing unintended actions due to...
Moderate
Unreviewed
CVE-2024-3911
was published
Apr 23, 2024
Microsoft Edge (Chromium-based) Spoofing Vulnerability
Moderate
Unreviewed
CVE-2024-29981
was published
Apr 5, 2024
ProTip!
Advisories are also available from the
GraphQL API