Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

259 advisories

Loading
Inappropriate implementation in Downloads in Google Chrome prior to 125.0.6422.60 allowed a... Moderate Unreviewed
CVE-2024-4950 was published May 15, 2024
Improper Restriction of Rendered UI Layers or Frames vulnerability in Automattic Jetpack allows... Moderate Unreviewed
CVE-2023-47774 was published Apr 24, 2024
An unauthenticated remote attacker can deceive users into performing unintended actions due to... Moderate Unreviewed
CVE-2024-3911 was published Apr 23, 2024
Microsoft Edge (Chromium-based) Spoofing Vulnerability Moderate Unreviewed
CVE-2024-29981 was published Apr 5, 2024
Data was not properly sanitized when decoding a QUIC ACK frame; this could have led to... High Unreviewed
CVE-2024-2613 was published Mar 19, 2024
Microsoft Edge for Android Spoofing Vulnerability Moderate Unreviewed
CVE-2024-26167 was published Mar 7, 2024
Vulnerability whereby an attacker could send a malicious link to an authenticated operator, which... Moderate Unreviewed
CVE-2024-1890 was published Feb 26, 2024
A malicious website could have used a combination of exiting fullscreen mode and ... Moderate Unreviewed
CVE-2024-1550 was published Feb 20, 2024
Sametime is impacted by lack of clickjacking protection in Outlook add-in. The application is not... Moderate Unreviewed
CVE-2023-45698 was published Feb 10, 2024
Implicit intent hijacking vulnerability in Smart Suggestions prior to SMR Feb-2024 Release 1... Low Unreviewed
CVE-2024-20810 was published Feb 6, 2024
The issue was addressed with improved UI handling. This issue is fixed in iOS 16.2 and iPadOS 16... Moderate Unreviewed
CVE-2022-32919 was published Jan 11, 2024
A vulnerability has been identified in OnCell G3150A-LTE Series firmware versions v1.3 and prior... Moderate Unreviewed
CVE-2023-6093 was published Dec 31, 2023
The timing of a button click causing a popup to disappear was approximately the same length as... Moderate Unreviewed
CVE-2023-6867 was published Dec 19, 2023
In Red Hat Advanced Cluster Security (RHACS), it was found that some security related HTTP... Moderate Unreviewed
CVE-2023-4958 was published Dec 12, 2023
An Improper Restriction of Rendered UI Layers or Frames in the Schweitzer Engineering... Moderate Unreviewed
CVE-2023-2265 was published Nov 30, 2023
If an attacker needed a user to load an insecure http: page and knew that user had enabled HTTPS... Moderate Unreviewed
CVE-2023-6211 was published Nov 21, 2023
The black fade animation when exiting fullscreen is roughly the length of the anti-clickjacking... Moderate Unreviewed
CVE-2023-6206 was published Nov 21, 2023
An issue in Yamcs 5.8.6 allows attackers to send aribitrary telelcommands in a Command Stack via... Moderate Unreviewed
CVE-2023-47311 was published Nov 20, 2023
A flaw was found in Quay. Clickjacking is when an attacker uses multiple transparent or opaque... Moderate Unreviewed
CVE-2023-4956 was published Nov 7, 2023
In SAP Enable Now - versions WPB_MANAGER 1.0, WPB_MANAGER_CE 10, WPB_MANAGER_HANA 10,... Moderate Unreviewed
CVE-2023-36920 was published Oct 30, 2023
It was possible for certain browser prompts and dialogs to be activated or dismissed... Moderate Unreviewed
CVE-2023-5721 was published Oct 25, 2023
Improper Restriction of Rendered UI Layers or Frames in RDT400 in SICK APU allows an unprivileged... Moderate Unreviewed
CVE-2023-5103 was published Oct 9, 2023
Palantir Gotham was found to be vulnerable to a bug where under certain circumstances, the... Moderate Unreviewed
CVE-2023-30961 was published Sep 27, 2023
A vulnerability has been identified in ioLogik 4000 Series (ioLogik E4200) firmware versions v1.6... Moderate Unreviewed
CVE-2023-4229 was published Aug 24, 2023
The permission request prompt from the site in the background tab was overlaid on top of the site... Moderate Unreviewed
CVE-2023-37455 was published Jul 12, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database