Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

278 advisories

Loading
A vulnerability in the web UI of Gurock TestRail v5.3.0.3603 could allow an unauthenticated,... Moderate Unreviewed
CVE-2021-37788 was published May 24, 2022
A missing HTTP header (X-Frame-Options) in Kiwi Syslog Server has left customers vulnerable to... Moderate Unreviewed
CVE-2021-35237 was published May 24, 2022
Multiple vulnerabilities in the web interface of Cisco Webex Meetings could allow a remote... Moderate Unreviewed
CVE-2022-20852 was published Aug 11, 2022
The issue was addressed with improved UI handling. This issue is fixed in Safari 16, tvOS 16,... Moderate Unreviewed
CVE-2022-32891 was published Feb 27, 2023
An attacker could trick a user of Hitachi ABB Power Grids Ellipse Enterprise Asset Management ... Moderate Unreviewed
CVE-2021-27414 was published Mar 12, 2022
For ABB eSOMS versions 4.0 to 6.0.2, the X-Frame-Options header is not configured in HTTP... Moderate Unreviewed
CVE-2019-19001 was published May 24, 2022
Improper Restriction of Rendered UI Layers or Frames in GitHub repository unilogies/bumsys prior... Moderate Unreviewed
CVE-2023-1362 was published Mar 13, 2023
Western Digital My Cloud Home and ibi devices before 2.2.0 allow clickjacking on sign-in pages. Moderate Unreviewed
CVE-2020-10951 was published May 24, 2022
Improper Restriction of Rendered UI Layers or Frames in cockpit-hq/cockpit Moderate
CVE-2023-0780 was published for cockpit-hq/cockpit (Composer) Feb 11, 2023
Connectwise Automate 2022.11 is vulnerable to Clickjacking. The login screen can be iframed and... Moderate Unreviewed
CVE-2023-23126 was published Feb 1, 2023
Dell PowerScale OneFS, 8.2.0 through 9.3.0, contain an User Interface Security Issue. An... Moderate Unreviewed
CVE-2022-45096 was published Feb 1, 2023
It was discovered that OpenShift Container Platform's (OCP) distribution of Kibana could open in... Moderate Unreviewed
CVE-2020-10743 was published May 24, 2022
In onCreate of PhoneAccountSettingsActivity.java and related files, there is a possible way to... High Unreviewed
CVE-2023-20913 was published Jan 26, 2023
Cockpit (and its plugins) do not seem to protect itself against clickjacking. It is possible to... Moderate Unreviewed
CVE-2021-3660 was published Mar 11, 2022
Improper Restriction of Rendered UI Layers or Frames vulnerability in Mitsubishi Electric... Moderate Unreviewed
CVE-2022-40268 was published Feb 2, 2023
In Car Settings app, the toggle button in Modify system settings is vulnerable to tapjacking... Moderate Unreviewed
CVE-2022-20214 was published Jan 26, 2023
In onCreate of MasterClearConfirmFragment.java, there is a possible factory reset due to a... Moderate Unreviewed
CVE-2022-20215 was published Jan 26, 2023
IBM BigFix Platform 9.2 and 9.5 could allow a low-privilege user to manipulate the UI into... Moderate Unreviewed
CVE-2019-4058 was published May 24, 2022
IBM WebSphere Application Server 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3... Moderate Unreviewed
CVE-2021-39038 was published Feb 25, 2022
In onCreate of InstallCaCertificateWarning.java, there is a possible way to mislead an user about... High Unreviewed
CVE-2021-39669 was published Feb 12, 2022
A CWE-1021 Improper Restriction of Rendered UI Layers or Frames vulnerability exists that could... Moderate Unreviewed
CVE-2021-22819 was published Jan 29, 2022
Dell EMC AppSync versions 3.9 to 4.3 contain a clickjacking vulnerability in AppSync. A remote... Moderate Unreviewed
CVE-2022-22552 was published Jan 22, 2022
In LocationSettingsActivity of AndroidManifest.xml, there is a possible EoP due to a tapjacking... High Unreviewed
CVE-2021-1036 was published Jan 15, 2022
In Ultimaker S3 3D printer, Ultimaker S5 3D printer, Ultimaker 3 3D printer S-line through 6.3... High Unreviewed
CVE-2021-34087 was published Jan 11, 2022
A CWE-1021 Improper Restriction of Rendered UI Layers or Frames vulnerability exists that could... High Unreviewed
CVE-2022-22807 was published Feb 11, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database