Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,285
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,741
NuGet
668
pip
3,422
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+

237 advisories

Loading
Improper Restriction of Rendered UI Layers or Frames in Apache nifif Moderate
CVE-2018-17192 was published for org.apache.nifi:nifi (Maven) Dec 20, 2018
MarkLee131
Improper Restriction of Rendered UI Layers or Frames in Keycloak Moderate
CVE-2020-1728 was published for org.keycloak:keycloak-core (Maven) Apr 15, 2020
Improper Restriction of Rendered UI Layers or Frames in yourls Moderate
CVE-2021-3734 was published for yourls/yourls (Composer) Aug 30, 2021
It was possible to recreate previous cursor spoofing attacks against users with a zoomed native... Moderate Unreviewed
CVE-2021-43546 was published Dec 9, 2021
Due to an unusual sequence of attacker-controlled events, a Javascript alert() dialog with... Moderate Unreviewed
CVE-2021-38509 was published Dec 9, 2021
By displaying a form validity message in the correct location at the same time as a permission... Moderate Unreviewed
CVE-2021-38508 was published Dec 9, 2021
Through a series of navigations, Firefox could have entered fullscreen mode without notification... Moderate Unreviewed
CVE-2021-38506 was published Dec 9, 2021
A user interface overlay vulnerability was discovered in F-secure SAFE Browser for Android. When... Moderate Unreviewed
CVE-2021-40834 was published Dec 11, 2021
IBM Spectrum Copy Data Management 2.2.13 and earlier could allow a remote attacker to hijack the... Moderate Unreviewed
CVE-2021-39054 was published Dec 14, 2021
In onCreate of BluetoothPairingSelectionFragment.java, there is a possible EoP due to a... High Unreviewed
CVE-2021-1040 was published Dec 16, 2021
In NotificationAccessActivity of AndroidManifest.xml, there is a possible EoP due to a tapjacking... High Unreviewed
CVE-2021-1039 was published Dec 16, 2021
In UserDetailsActivity of AndroidManifest.xml, there is a possible DoS due to a tapjacking... Moderate Unreviewed
CVE-2021-1038 was published Dec 16, 2021
In onCreate of UsbPermissionActivity.java, there is a possible way to grant an app access to USB... High Unreviewed
CVE-2021-1016 was published Dec 16, 2021
In several functions of DatabaseManager.java, there is a possible leak of Bluetooth MAC addresses... Moderate Unreviewed
CVE-2021-1006 was published Dec 16, 2021
In onCreate of KeyChainActivity.java, there is a possible way to use an app certificate stored in... High Unreviewed
CVE-2021-0963 was published Dec 16, 2021
In ResolverActivity, there is a possible user interaction bypass due to a tapjacking/overlay... High Unreviewed
CVE-2021-0954 was published Dec 16, 2021
In Ultimaker S3 3D printer, Ultimaker S5 3D printer, Ultimaker 3 3D printer S-line through 6.3... High Unreviewed
CVE-2021-34087 was published Jan 11, 2022
In LocationSettingsActivity of AndroidManifest.xml, there is a possible EoP due to a tapjacking... High Unreviewed
CVE-2021-1036 was published Jan 15, 2022
Dell EMC AppSync versions 3.9 to 4.3 contain a clickjacking vulnerability in AppSync. A remote... Moderate Unreviewed
CVE-2022-22552 was published Jan 22, 2022
A CWE-1021 Improper Restriction of Rendered UI Layers or Frames vulnerability exists that could... Moderate Unreviewed
CVE-2021-22819 was published Jan 29, 2022
A CWE-1021 Improper Restriction of Rendered UI Layers or Frames vulnerability exists that could... High Unreviewed
CVE-2022-22807 was published Feb 11, 2022
In onCreate of InstallCaCertificateWarning.java, there is a possible way to mislead an user about... High Unreviewed
CVE-2021-39669 was published Feb 12, 2022
IBM WebSphere Application Server 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3... Moderate Unreviewed
CVE-2021-39038 was published Feb 25, 2022
SmartBear CodeCollaborator v6.1.6102 was discovered to contain a vulnerability in the web UI... Moderate Unreviewed
CVE-2021-41657 was published Mar 11, 2022
Cockpit (and its plugins) do not seem to protect itself against clickjacking. It is possible to... Moderate Unreviewed
CVE-2021-3660 was published Mar 11, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database