Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

278 advisories

Loading
IBM Robotic Process Automation 21.0.0 could allow a remote attacker to hijack the clicking action... Moderate Unreviewed
CVE-2022-22503 was published Oct 6, 2022
A vulnerability, which was classified as problematic, has been found in SourceCodester Gym... Moderate Unreviewed
CVE-2022-2800 was published Aug 13, 2022
A vulnerability in the web-based interface of Cisco HyperFlex Software could allow an... Moderate Unreviewed
CVE-2019-1975 was published May 24, 2022
IBM WebSphere Application Server - Liberty Admin Center could allow a remote attacker to hijack... Moderate Unreviewed
CVE-2019-4285 was published May 24, 2022
The response header has not enabled X-FRAME-OPTIONS, Which helps prevents against Clickjacking... Moderate Unreviewed
CVE-2022-3260 was published Dec 8, 2022
IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, and 1.0.2 could allow a remote attacker to... Moderate Unreviewed
CVE-2019-4217 was published May 24, 2022
Improper Restriction of Rendered UI Layers or Frames in GitHub repository polonel/trudesk prior... Moderate Unreviewed
CVE-2022-1803 was published May 21, 2022
SmartBear CodeCollaborator v6.1.6102 was discovered to contain a vulnerability in the web UI... Moderate Unreviewed
CVE-2021-41657 was published Mar 11, 2022
IBM CICS TX 11.1 could allow a remote attacker to hijack the clicking action of the victim. By... Moderate Unreviewed
CVE-2022-34162 was published Aug 2, 2022
The X-Frame-Options header in Rockwell Automation MicroLogix 1100/1400 Versions 21.007 and prior... Moderate Unreviewed
CVE-2022-2179 was published Jul 21, 2022
Apache Druid before 0.23.0 vulnerable to clickjacking Moderate
CVE-2022-28889 was published for org.apache.druid:druid (Maven) Jul 8, 2022
In wifi.RequestToggleWifiActivity of AndroidManifest.xml, there is a possible EoP due to a... High Unreviewed
CVE-2022-20212 was published Jul 14, 2022
In finishDrawingWindow of WindowManagerService.java, there is a possible tapjacking due to... Low Unreviewed
CVE-2022-20226 was published Jul 14, 2022
IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could allow a remote attacker to... Moderate Unreviewed
CVE-2021-29865 was published Jun 25, 2022
In WindowManager, there is a possible tapjacking attack due to an incorrect window flag when... High Unreviewed
CVE-2021-39691 was published Jun 16, 2022
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0 SP2).... Moderate Unreviewed
CVE-2022-27220 was published Jun 15, 2022
pyLoad vulnerable to Improper Restriction of Rendered UI Layers or Frames Moderate
CVE-2023-0057 was published for pyload-ng (pip) Jan 5, 2023
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0 SP2).... Moderate Unreviewed
CVE-2022-27219 was published Jun 15, 2022
A vulnerability was found in Ucweb UC Browser 11.2.5.932. It has been classified as critical.... Moderate Unreviewed
CVE-2017-20041 was published Jun 14, 2022
A vulnerability in the web UI feature of Cisco IOS XE Software could allow an unauthenticated,... High Unreviewed
CVE-2021-1403 was published May 24, 2022
The web server in the Teradici Managament console versions 20.04 and 20.01.1 did not properly set... Moderate Unreviewed
CVE-2020-13174 was published May 24, 2022
In HarmfulAppWarningActivity of HarmfulAppWarningActivity.java, there is a possible way to trick... High Unreviewed
CVE-2021-39796 was published Apr 13, 2022
In JetBrains YouTrack before 2022.1.43563 it was possible to include an iframe from a third-party... Moderate Unreviewed
CVE-2022-28649 was published Apr 6, 2022
The DuckDuckGo browser 7.64.4 on iOS allows Address Bar Spoofing due to mishandling of the... High Unreviewed
CVE-2021-44683 was published Mar 27, 2022
In onCreate of SetupLayoutActivity.java, there is a possible way to setup a work profile... High Unreviewed
CVE-2021-39692 was published Mar 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database