GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,835
Composer 4,870
Erlang 36
GitHub Actions 36
Go 2,493
Maven 5,926
npm 4,126
NuGet 735
pip 3,943
Pub 12
RubyGems 945
Rust 1,021
Swift 39

Unreviewed advisories

All unreviewed 269,189

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

278 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The MiCollab Client Service component in Mitel MiCollab before 9.3 could allow an attacker to... Moderate Unreviewed

CVE-2021-32070 was published May 24, 2022

LedgerSMB does not sufficiently guard against being wrapped by other sites, making it vulnerable... Moderate Unreviewed

CVE-2021-3731 was published May 24, 2022

A vulnerability involving insufficient HTTP security headers has been reported to affect QNAP NAS... Moderate Unreviewed

CVE-2018-19957 was published May 24, 2022

grav-plugin-admin is vulnerable to Improper Restriction of Rendered UI Layers or Frames Moderate Unreviewed

CVE-2021-3799 was published May 24, 2022

Incorrect security UI in Web Browser UI in Google Chrome prior to 94.0.4606.54 allowed a remote... Moderate Unreviewed

CVE-2021-37971 was published May 24, 2022

Clustered Data ONTAP versions prior to 9.5P18, 9.6P15, 9.7P14, 9.8P5 and 9.9.1 are missing an X... Moderate Unreviewed

CVE-2021-27003 was published May 24, 2022

Hashicorp Boundary vulnerable to clickjacking Moderate

CVE-2022-36182 was published for github.com/hashicorp/boundary (Go) Oct 27, 2022

The Interior Server and Gateway Server components of TIBCO Software Inc.'s TIBCO PartnerExpress... Critical Unreviewed

CVE-2021-43048 was published May 24, 2022

IBM CICS TX 11.1 could allow a remote attacker to hijack the clicking action of the victim. By... Moderate Unreviewed

CVE-2022-34318 was published Dec 12, 2022

A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer.... Moderate Unreviewed

CVE-2021-27467 was published May 24, 2022

InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 management portal does not... Moderate Unreviewed

CVE-2021-38472 was published May 24, 2022

In onCreate of ReviewPermissionsActivity.java, there is a possible way to grant permissions for a... High Unreviewed

CVE-2022-20442 was published Dec 13, 2022

In the user interface buttons of PermissionController, there is a possible way to bypass... High Unreviewed

CVE-2021-39617 was published Dec 13, 2022

In onCreate of EnableAccountPreferenceActivity.java, there is a possible way to mislead the user... High Unreviewed

CVE-2022-20501 was published Dec 13, 2022

In several functions of inputDispatcher.cpp, there is a possible way to make toasts clickable due... High Unreviewed

CVE-2022-20444 was published Dec 13, 2022

A vulnerable code in onCreate of BluetoothScanDialog prior to SMR Aug-2022 Release 1, allows... Moderate Unreviewed

CVE-2022-33723 was published Aug 6, 2022

A vulnerable code in onCreate of SecDevicePickerDialog prior to SMR Aug-2022 Release 1, allows... Moderate Unreviewed

CVE-2022-33727 was published Aug 6, 2022

This vulnerability allows users to execute a clickjacking attack in the meeting's chat. Moderate Unreviewed

CVE-2021-27773 was published May 13, 2022

Microsoft Internet Explorer 6, 7, and 8 does not enforce intended domain restrictions on content... Moderate Unreviewed

CVE-2011-1244 was published May 13, 2022

IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) could allow a remote attacker to... Moderate Unreviewed

CVE-2018-1853 was published May 13, 2022

Improper Restriction of Rendered UI Layers or Frames in Keycloak Moderate

CVE-2020-1728 was published for org.keycloak:keycloak-core (Maven) Apr 15, 2020

Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote attackers to bypass the Same... Moderate Unreviewed

CVE-2014-1483 was published May 13, 2022

A vulnerability in the web UI of Cisco HyperFlex Software could allow an unauthenticated, remote... Moderate Unreviewed

CVE-2018-15423 was published May 13, 2022

A vulnerability in the web UI of Cisco Unified Communications Manager (Unified CM) could allow an... Moderate Unreviewed

CVE-2018-0355 was published May 13, 2022

IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 could allow... Moderate Unreviewed

CVE-2018-1803 was published May 13, 2022

Previous 1…4…12 Next

Previous 1 2 3 4 5 6 … 11 12 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

278 advisories