Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

278 advisories

Loading
Improper countermeasure against clickjacking attack in client certificates management screen was... Moderate Unreviewed
CVE-2018-16172 was published May 13, 2022
When the RSS Feed preview about:feeds page is framed within another page, it can be used in... High Unreviewed
CVE-2018-18496 was published May 13, 2022
A missing X-Frame-Options header in the Green Electronics RainMachine Mini-8 (2nd Generation) and... Moderate Unreviewed
CVE-2018-6909 was published May 13, 2022
Eliding from the wrong side in an infobar in DevTools in Google Chrome prior to 68.0.3440.75... Moderate Unreviewed
CVE-2018-6178 was published May 13, 2022
In PrestaShop through 1.7.2.5, a UI-Redressing/Clickjacking vulnerability was found that might... High Unreviewed
CVE-2018-7491 was published May 13, 2022
Improper Restriction of Rendered UI Layers or Frames in yourls Moderate
CVE-2021-3734 was published for yourls/yourls (Composer) Aug 30, 2021
In several functions of DatabaseManager.java, there is a possible leak of Bluetooth MAC addresses... Moderate Unreviewed
CVE-2021-1006 was published Dec 16, 2021
In onCreate of BluetoothPairingSelectionFragment.java, there is a possible EoP due to a... High Unreviewed
CVE-2021-1040 was published Dec 16, 2021
In NotificationAccessActivity of AndroidManifest.xml, there is a possible EoP due to a tapjacking... High Unreviewed
CVE-2021-1039 was published Dec 16, 2021
In UserDetailsActivity of AndroidManifest.xml, there is a possible DoS due to a tapjacking... Moderate Unreviewed
CVE-2021-1038 was published Dec 16, 2021
Insufficient protection of permission UI in WebAPKs in Google Chrome on Android prior to 72.0... Moderate Unreviewed
CVE-2019-5767 was published May 13, 2022
A user interface overlay vulnerability was discovered in F-secure SAFE Browser for Android. When... Moderate Unreviewed
CVE-2021-40834 was published Dec 11, 2021
IBM Spectrum Copy Data Management 2.2.13 and earlier could allow a remote attacker to hijack the... Moderate Unreviewed
CVE-2021-39054 was published Dec 14, 2021
In onCreate of UsbPermissionActivity.java, there is a possible way to grant an app access to USB... High Unreviewed
CVE-2021-1016 was published Dec 16, 2021
In onCreate of KeyChainActivity.java, there is a possible way to use an app certificate stored in... High Unreviewed
CVE-2021-0963 was published Dec 16, 2021
In ResolverActivity, there is a possible user interaction bypass due to a tapjacking/overlay... High Unreviewed
CVE-2021-0954 was published Dec 16, 2021
The file-download implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 does... Moderate Unreviewed
CVE-2014-1480 was published May 13, 2022
Mozilla Firefox before 26.0 and SeaMonkey before 2.23 do not properly consider the sandbox... Moderate Unreviewed
CVE-2013-5614 was published May 13, 2022
An elevation of privilege vulnerability in the System UI could enable a local malicious... Moderate Unreviewed
CVE-2017-0492 was published May 13, 2022
An issue was discovered in Adobe Connect 9.6.2 and earlier versions. A UI Redress (or... Moderate Unreviewed
CVE-2017-11290 was published May 13, 2022
The issue was addressed with improved UI handling. This issue is fixed in watchOS 7.0, Safari 14... Moderate Unreviewed
CVE-2020-9993 was published May 24, 2022
Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, failed to prevent alerts from... Moderate Unreviewed
CVE-2017-5026 was published May 13, 2022
Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for... Moderate Unreviewed
CVE-2017-5016 was published May 13, 2022
TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n devices allow... Moderate Unreviewed
CVE-2018-12576 was published May 13, 2022
In functionality implemented in System UI, there are insufficient protections implemented around... High Unreviewed
CVE-2018-9524 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database