Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

259 advisories

Loading
A CWE-1021: Improper Restriction of Rendered UI Layers or Frames vulnerability exists that... Moderate Unreviewed
CVE-2022-43378 was published Jul 6, 2023
A CWE-1021: Improper Restriction of Rendered UI Layers or Frames vulnerability exists that could... Moderate Unreviewed
CVE-2022-32517 was published Jul 6, 2023
Telegram v9.6.3 on iOS allows attackers to hide critical information on the User Interface via... Moderate Unreviewed
CVE-2023-34658 was published Jun 29, 2023
In hasInputInfo of Layer.cpp, there is a possible bypass of user interaction requirements due to... High Unreviewed
CVE-2022-20443 was published Jun 28, 2023
A clickjacking vulnerability in the HCL BigFix OSD Bare Metal Server version 311.12 or lower... Moderate Unreviewed
CVE-2023-23343 was published Jun 23, 2023
An issue has been discovered in GitLab CE/EE affecting all versions starting from 1.2 before 15... Moderate Unreviewed
CVE-2023-2013 was published Jun 7, 2023
Missing HTTP headers (X-Frame-Options, Content-Security-Policy) in KNIME Business Hub before 1.4... Moderate Unreviewed
CVE-2023-3140 was published Jun 7, 2023
The fullscreen notification could have been hidden on Firefox for Android by using download... Moderate Unreviewed
CVE-2023-28159 was published Jun 2, 2023
By displaying a prompt with a long description, the fullscreen notification could have been... Moderate Unreviewed
CVE-2023-25748 was published Jun 2, 2023
A background script invoking <code>requestFullscreen</code> and then blocking the main thread... Moderate Unreviewed
CVE-2023-25730 was published Jun 2, 2023
Improper Restriction of Rendered UI Layers or Frames in GitHub repository unilogies/bumsys prior... Moderate Unreviewed
CVE-2023-1362 was published Mar 13, 2023
The issue was addressed with improved UI handling. This issue is fixed in Safari 16, tvOS 16,... Moderate Unreviewed
CVE-2022-32891 was published Feb 27, 2023
Improper Restriction of Rendered UI Layers or Frames vulnerability in Mitsubishi Electric... Moderate Unreviewed
CVE-2022-40268 was published Feb 2, 2023
Connectwise Automate 2022.11 is vulnerable to Clickjacking. The login screen can be iframed and... Moderate Unreviewed
CVE-2023-23126 was published Feb 1, 2023
Dell PowerScale OneFS, 8.2.0 through 9.3.0, contain an User Interface Security Issue. An... Moderate Unreviewed
CVE-2022-45096 was published Feb 1, 2023
In Car Settings app, the toggle button in Modify system settings is vulnerable to tapjacking... Moderate Unreviewed
CVE-2022-20214 was published Jan 26, 2023
In ApplicationsDetailsActivity of AndroidManifest.xml, there is a possible DoS due to a... Moderate Unreviewed
CVE-2022-20213 was published Jan 26, 2023
In onCreate of MasterClearConfirmFragment.java, there is a possible factory reset due to a... Moderate Unreviewed
CVE-2022-20215 was published Jan 26, 2023
In onCreate of PhoneAccountSettingsActivity.java and related files, there is a possible way to... High Unreviewed
CVE-2023-20913 was published Jan 26, 2023
Due to a layout change, iframe contents could have been rendered outside of its border. This... Moderate Unreviewed
CVE-2022-28286 was published Dec 22, 2022
When reusing existing popups Firefox would have allowed them to cover the fullscreen notification... Moderate Unreviewed
CVE-2022-29914 was published Dec 22, 2022
An improper implementation of the new iframe sandbox keyword <code>allow-top-navigation-by-user... Moderate Unreviewed
CVE-2022-29911 was published Dec 22, 2022
When combining CSS properties for overflow and transform, the mouse cursor could interact with... High Unreviewed
CVE-2022-36319 was published Dec 22, 2022
When receiving an HTML email that specified to load an <code>iframe</code> element from a remote... Moderate Unreviewed
CVE-2022-3034 was published Dec 22, 2022
If a custom mouse cursor is specified in CSS, under certain circumstances the cursor could have... Moderate Unreviewed
CVE-2022-45418 was published Dec 22, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database