GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
194 advisories
Improper Restriction of Rendered UI Layers or Frames vulnerability in Akinsoft LimonDesk allows...
Moderate
Unreviewed
CVE-2024-13066 was published Sep 3, 2025
IBM Cognos Command Center 10.2.4.1 and 10.2.5 could allow a remote attacker to hijack the...
Moderate
Unreviewed
CVE-2025-1494 was published Aug 26, 2025
Affected is an unknown function of the component Login Page. The manipulation leads to improper...
Moderate
Unreviewed
CVE-2025-9108 was published Aug 18, 2025
In JetBrains YouTrack before 2025.2.86935, 2025.2.87167, 2025.3.87341, 2025.3.87344 improper...
Moderate
Unreviewed
CVE-2025-54527 was published Jul 28, 2025
A vulnerability classified as problematic was found in yangzongzhuan RuoYi up to 4.8.1. Affected...
Moderate
Unreviewed
CVE-2025-7903 was published Jul 20, 2025
A Clickjacking vulnerability in TP-Link Archer C1200 web management page allows an attacker to...
Moderate
Unreviewed
CVE-2025-6983 was published Jul 16, 2025
The exception page for the HTTPS-Only feature, displayed when a website is opened via HTTP,...
Moderate
Unreviewed
CVE-2025-6434 was published Jun 26, 2025
The web application is vulnerable to clickjacking attacks. The site can be embedded into another...
Moderate
Unreviewed
CVE-2025-27455 was published Jul 3, 2025
IBM Datacap 9.1.7, 9.1.8, and 9.1.9 could allow a remote attacker to hijack the clicking...
Moderate
Unreviewed
CVE-2025-36027 was published Jun 28, 2025
Insufficient data validation in DevTools in Google Chrome on Windows prior to 138.0.7204.49...
Moderate
Unreviewed
CVE-2025-6557 was published Jun 24, 2025
Linked URLs during the creation of iFrame widgets and dashboards are vulnerable to code execution...
Moderate
Unreviewed
CVE-2025-49191 was published Jun 12, 2025
The web application is vulnerable to clickjacking attacks. The site can be embedded into another...
Moderate
Unreviewed
CVE-2025-49192 was published Jun 12, 2025
A clickjacking vulnerability could have been used to trick a user into leaking saved payment card...
Moderate
Unreviewed
CVE-2025-5267 was published May 27, 2025
The issue was addressed with improved UI handling. This issue is fixed in tvOS 16.1, macOS...
Moderate
Unreviewed
CVE-2022-42799 was published Nov 2, 2022
A spoofing issue existed in the handling of URLs. This issue was addressed with improved input...
Moderate
Unreviewed
CVE-2022-46695 was published Dec 15, 2022
An improper implementation of the new iframe sandbox keyword allow-top-navigation-by-user...
Moderate
Unreviewed
CVE-2022-29911 was published Dec 22, 2022
Due to a layout change, iframe contents could have been rendered outside of its border. This...
Moderate
Unreviewed
CVE-2022-28286 was published Dec 22, 2022
When reusing existing popups Firefox would have allowed them to cover the fullscreen notification...
Moderate
Unreviewed
CVE-2022-29914 was published Dec 22, 2022
When receiving an HTML email that specified to load an iframe element from a remote...
Moderate
Unreviewed
CVE-2022-3034 was published Dec 22, 2022
Using tables inside of an iframe, an attacker could have caused iframe contents to be rendered...
Moderate
Unreviewed
CVE-2022-45420 was published Dec 22, 2022
If a custom mouse cursor is specified in CSS, under certain circumstances the cursor could have...
Moderate
Unreviewed
CVE-2022-45418 was published Dec 22, 2022
Service Workers did not detect Private Browsing Mode correctly in all cases, which could have led...
Moderate
Unreviewed
CVE-2022-45417 was published Dec 22, 2022
An issue has been discovered in GitLab CE/EE affecting all versions from 7.7 before 17.8.7, 17.9...
Moderate
Unreviewed
CVE-2025-0362 was published Apr 10, 2025
Improper restriction of rendered UI layers or frames issue exists in Wi-Fi AP UNIT 'AC-WPS-11ac...
Moderate
Unreviewed
CVE-2025-25213 was published Apr 9, 2025
Unspecified vulnerability in Opera before 9.5 allows remote attackers to spoof the contents of...
Moderate
Unreviewed
CVE-2008-2716 was published May 1, 2022