GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
278 advisories
** DISPUTED ** Jitsi-2.10.5550 was discovered to contain a vulnerability in its web UI which...
Moderate | Unreviewed | CVE-2022-36736 was published Sep 9, 2022

Java Server Pages (JSPs) provided by the SAP NetWeaver Process Integration (SAP_XIESR and...
Moderate | Unreviewed | CVE-2019-0305 was published May 24, 2022

Mailvelope prior to 3.1.0 is vulnerable to a clickjacking attack against the settings page. As...
Moderate | Unreviewed | CVE-2019-9147 was published May 24, 2022

A clickjacking vulnerability was found in Limesurvey before 3.17.14.
Moderate | Unreviewed | CVE-2019-16175 was published May 24, 2022

vBulletin before 5.5.4 allows clickjacking.
Moderate | Unreviewed | CVE-2019-17131 was published May 24, 2022

Intesync Solismed 3.3sp allows Clickjacking.
Moderate | Unreviewed | CVE-2019-15930 was published May 24, 2022

This affects the package MintegralAdSDK from 0.0.0. The SDK distributed by the company contains...
High | Unreviewed | CVE-2020-7705 was published May 24, 2022

Improper Restriction of Rendered UI Layers or Frames in GitHub repository notrinos/notrinoserp...
Moderate | Unreviewed | CVE-2022-2965 was published Aug 24, 2022

AeroCMS v0.0.1 is vulnerable to ClickJacking.
Moderate | Unreviewed | CVE-2022-46061 was published Dec 13, 2022

Missing HTTP headers (X-Frame-Options, Content-Security-Policy) in KNIME Business Hub before 1.4...
Moderate | Unreviewed | CVE-2023-3140 was published Jun 7, 2023

A clickjacking vulnerability in the HCL BigFix OSD Bare Metal Server version 311.12 or lower...
Moderate | Unreviewed | CVE-2023-23343 was published Jun 23, 2023

In hasInputInfo of Layer.cpp, there is a possible bypass of user interaction requirements due to...
High | Unreviewed | CVE-2022-20443 was published Jun 28, 2023

A CWE-1021: Improper Restriction of Rendered UI Layers or Frames vulnerability exists that could...
Moderate | Unreviewed | CVE-2022-32517 was published Jul 6, 2023

A CWE-1021: Improper Restriction of Rendered UI Layers or Frames vulnerability exists that...
Moderate | Unreviewed | CVE-2022-43378 was published Jul 6, 2023

The permission request prompt from the site in the background tab was overlaid on top of the site...
Moderate | Unreviewed | CVE-2023-37455 was published Jul 12, 2023

A vulnerability has been identified in ioLogik 4000 Series (ioLogik E4200) firmware versions v1.6...
Moderate | Unreviewed | CVE-2023-4229 was published Aug 24, 2023

Palantir Gotham was found to be vulnerable to a bug where under certain circumstances, the...
Moderate | Unreviewed | CVE-2023-30961 was published Sep 27, 2023

Improper Restriction of Rendered UI Layers or Frames in RDT400 in SICK APU allows an unprivileged...
Moderate | Unreviewed | CVE-2023-5103 was published Oct 9, 2023

Microsoft Edge (Chromium-based) Spoofing Vulnerability
Moderate | Unreviewed | CVE-2024-29981 was published Apr 5, 2024

NetApp Snap Creator Framework before 4.3P1 allows remote authenticated users to conduct...
Moderate | Unreviewed | CVE-2016-5710 was published May 24, 2022

An unauthenticated remote attacker can deceive users into performing unintended actions due to...
Moderate | Unreviewed | CVE-2024-3911 was published Apr 23, 2024

Improper Restriction of Rendered UI Layers or Frames vulnerability in Automattic Jetpack allows...
Moderate | Unreviewed | CVE-2023-47774 was published Apr 24, 2024

EC-CUBE Improper Restriction of Rendered UI Layers or Frames
Moderate | CVE-2020-5679 was published for ec-cube/ec-cube (Composer) May 24, 2022

Microsoft Edge for Android Spoofing Vulnerability
Moderate | Unreviewed | CVE-2024-26167 was published Mar 7, 2024

IBM Sterling B2B Integrator Standard Edition 6.1 and 6.2 does not restrict or incorrectly...
Moderate | Unreviewed | CVE-2023-42011 was published Jun 27, 2024