GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,835
Composer 4,870
Erlang 36
GitHub Actions 36
Go 2,493
Maven 5,926
npm 4,126
NuGet 735
pip 3,943
Pub 12
RubyGems 945
Rust 1,021
Swift 39

Unreviewed advisories

All unreviewed 269,189

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

259 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

In maybeShowDialog of ControlsSettingsDialogManager.kt, there is a possible overlay of the... High Unreviewed

CVE-2025-32350 was published Sep 4, 2025

In multiple locations, there is a possible privilege escalation due to a tapjacking/overlay... High Unreviewed

CVE-2025-32349 was published Sep 4, 2025

Improper Restriction of Rendered UI Layers or Frames vulnerability in Akinsoft LimonDesk allows... Moderate Unreviewed

CVE-2024-13066 was published Sep 3, 2025

Cross-Frame Scripting (XFS) vulnerability in BoomCMS v9.1.4 from UXB London. XFS is a web attack... Low Unreviewed

CVE-2025-41000 was published Sep 3, 2025

IBM Cognos Command Center 10.2.4.1 and 10.2.5 could allow a remote attacker to hijack the... Moderate Unreviewed

CVE-2025-1494 was published Aug 26, 2025

Affected is an unknown function of the component Login Page. The manipulation leads to improper... Moderate Unreviewed

CVE-2025-9108 was published Aug 18, 2025

In JetBrains YouTrack before 2025.2.86935, 2025.2.87167, 2025.3.87341, 2025.3.87344 improper... Moderate Unreviewed

CVE-2025-54527 was published Jul 28, 2025

A vulnerability classified as problematic was found in yangzongzhuan RuoYi up to 4.8.1. Affected... Moderate Unreviewed

CVE-2025-7903 was published Jul 20, 2025

A Clickjacking vulnerability in TP-Link Archer C1200 web management page allows an attacker to... Moderate Unreviewed

CVE-2025-6983 was published Jul 16, 2025

The web application is vulnerable to clickjacking attacks. The site can be embedded into another... Moderate Unreviewed

CVE-2025-27455 was published Jul 3, 2025

IBM Datacap 9.1.7, 9.1.8, and 9.1.9 could allow a remote attacker to hijack the clicking... Moderate Unreviewed

CVE-2025-36027 was published Jun 28, 2025

The exception page for the HTTPS-Only feature, displayed when a website is opened via HTTP,... Moderate Unreviewed

CVE-2025-6434 was published Jun 26, 2025

Insufficient data validation in DevTools in Google Chrome on Windows prior to 138.0.7204.49... Moderate Unreviewed

CVE-2025-6557 was published Jun 24, 2025

Linked URLs during the creation of iFrame widgets and dashboards are vulnerable to code execution... Moderate Unreviewed

CVE-2025-49191 was published Jun 12, 2025

The web application is vulnerable to clickjacking attacks. The site can be embedded into another... Moderate Unreviewed

CVE-2025-49192 was published Jun 12, 2025

A clickjacking vulnerability could have been used to trick a user into leaking saved payment card... Moderate Unreviewed

CVE-2025-5267 was published May 27, 2025

An issue has been discovered in GitLab CE/EE affecting all versions from 7.7 before 17.8.7, 17.9... Moderate Unreviewed

CVE-2025-0362 was published Apr 10, 2025

Improper restriction of rendered UI layers or frames issue exists in Wi-Fi AP UNIT 'AC-WPS-11ac... Moderate Unreviewed

CVE-2025-25213 was published Apr 9, 2025

Improper restriction of rendered UI layers or frames issue exists in HMI ViewJet C-more series,... Moderate Unreviewed

CVE-2025-24310 was published Apr 4, 2025

Inappropriate implementation in Permission Prompts in Google Chrome prior to 134.0.6998.35... Moderate Unreviewed

CVE-2025-1923 was published Mar 5, 2025

Inappropriate implementation in Browser UI in Google Chrome on Android prior to 134.0.6998.35... Moderate Unreviewed

CVE-2025-1917 was published Mar 5, 2025

A select option could partially obscure the confirmation prompt shown before launching external... High Unreviewed

CVE-2025-1940 was published Mar 4, 2025

SAP Commerce (Backoffice) uses the deprecated X-FRAME-OPTIONS header to protect against... Moderate Unreviewed

CVE-2025-24874 was published Feb 11, 2025

IBM ApplinX 11.1 could allow a remote attacker to hijack the clicking action of the victim. By... Moderate Unreviewed

CVE-2024-49796 was published Feb 6, 2025

The z-order of the browser windows could be manipulated to hide the fullscreen notification. This... Moderate Unreviewed

CVE-2025-1019 was published Feb 4, 2025

Previous1…11 Next

Previous 1 2 3 4 5 … 10 11 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

259 advisories