Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

209 advisories

Loading
IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could allow a remote attacker to... Moderate Unreviewed
CVE-2021-29865 was published Jun 25, 2022
Apache Druid before 0.23.0 vulnerable to clickjacking Moderate
CVE-2022-28889 was published for org.apache.druid:druid (Maven) Jul 8, 2022
The X-Frame-Options header in Rockwell Automation MicroLogix 1100/1400 Versions 21.007 and prior... Moderate Unreviewed
CVE-2022-2179 was published Jul 21, 2022
IBM CICS TX 11.1 could allow a remote attacker to hijack the clicking action of the victim. By... Moderate Unreviewed
CVE-2022-34162 was published Aug 2, 2022
A vulnerable code in onCreate of BluetoothScanDialog prior to SMR Aug-2022 Release 1, allows... Moderate Unreviewed
CVE-2022-33723 was published Aug 6, 2022
A vulnerable code in onCreate of SecDevicePickerDialog prior to SMR Aug-2022 Release 1, allows... Moderate Unreviewed
CVE-2022-33727 was published Aug 6, 2022
Multiple vulnerabilities in the web interface of Cisco Webex Meetings could allow a remote... Moderate Unreviewed
CVE-2022-20852 was published Aug 11, 2022
A vulnerability, which was classified as problematic, has been found in SourceCodester Gym... Moderate Unreviewed
CVE-2022-2800 was published Aug 13, 2022
Improper Restriction of Rendered UI Layers or Frames in GitHub repository notrinos/notrinoserp... Moderate Unreviewed
CVE-2022-2965 was published Aug 24, 2022
** DISPUTED ** Jitsi-2.10.5550 was discovered to contain a vulnerability in its web UI which... Moderate Unreviewed
CVE-2022-36736 was published Sep 9, 2022
IBM Robotic Process Automation 21.0.0 could allow a remote attacker to hijack the clicking action... Moderate Unreviewed
CVE-2022-22503 was published Oct 6, 2022
Hashicorp Boundary vulnerable to clickjacking Moderate
CVE-2022-36182 was published for github.com/hashicorp/boundary (Go) Oct 27, 2022
The issue was addressed with improved UI handling. This issue is fixed in tvOS 16.1, macOS... Moderate Unreviewed
CVE-2022-42799 was published Nov 2, 2022
The response header has not enabled X-FRAME-OPTIONS, Which helps prevents against Clickjacking... Moderate Unreviewed
CVE-2022-3260 was published Dec 8, 2022
IBM CICS TX 11.1 could allow a remote attacker to hijack the clicking action of the victim. By... Moderate Unreviewed
CVE-2022-34318 was published Dec 12, 2022
AeroCMS v0.0.1 is vulnerable to ClickJacking. Moderate Unreviewed
CVE-2022-46061 was published Dec 13, 2022
A spoofing issue existed in the handling of URLs. This issue was addressed with improved input... Moderate Unreviewed
CVE-2022-46695 was published Dec 15, 2022
In onCreate of LogAccessDialogActivity.java, there is a possible way to bypass a permission check... Moderate Unreviewed
CVE-2022-20553 was published Dec 21, 2022
Service Workers did not detect Private Browsing Mode correctly in all cases, which could have led... Moderate Unreviewed
CVE-2022-45417 was published Dec 22, 2022
If a custom mouse cursor is specified in CSS, under certain circumstances the cursor could have... Moderate Unreviewed
CVE-2022-45418 was published Dec 22, 2022
Use tables inside of an iframe, an attacker could have caused iframe contents to be rendered... Moderate Unreviewed
CVE-2022-45420 was published Dec 22, 2022
When receiving an HTML email that specified to load an <code>iframe</code> element from a remote... Moderate Unreviewed
CVE-2022-3034 was published Dec 22, 2022
When reusing existing popups Firefox would have allowed them to cover the fullscreen notification... Moderate Unreviewed
CVE-2022-29914 was published Dec 22, 2022
An improper implementation of the new iframe sandbox keyword <code>allow-top-navigation-by-user... Moderate Unreviewed
CVE-2022-29911 was published Dec 22, 2022
Due to a layout change, iframe contents could have been rendered outside of its border. This... Moderate Unreviewed
CVE-2022-28286 was published Dec 22, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database