GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
153 advisories

** DISPUTED ** Jitsi-2.10.5550 was discovered to contain a vulnerability in its web UI which...
Moderate | Unreviewed | CVE-2022-36736 was published Sep 9, 2022

Improper Restriction of Rendered UI Layers or Frames in GitHub repository notrinos/notrinoserp...
Moderate | Unreviewed | CVE-2022-2965 was published Aug 24, 2022

A vulnerability, which was classified as problematic, has been found in SourceCodester Gym...
Moderate | Unreviewed | CVE-2022-2800 was published Aug 13, 2022

Multiple vulnerabilities in the web interface of Cisco Webex Meetings could allow a remote...
Moderate | Unreviewed | CVE-2022-20852 was published Aug 11, 2022

A vulnerable code in onCreate of BluetoothScanDialog prior to SMR Aug-2022 Release 1, allows...
Moderate | Unreviewed | CVE-2022-33723 was published Aug 6, 2022

A vulnerable code in onCreate of SecDevicePickerDialog prior to SMR Aug-2022 Release 1, allows...
Moderate | Unreviewed | CVE-2022-33727 was published Aug 6, 2022

IBM CICS TX 11.1 could allow a remote attacker to hijack the clicking action of the victim. By...
Moderate | Unreviewed | CVE-2022-34162 was published Aug 2, 2022

The X-Frame-Options header in Rockwell Automation MicroLogix 1100/1400 Versions 21.007 and prior...
Moderate | Unreviewed | CVE-2022-2179 was published Jul 21, 2022

IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could allow a remote attacker to...
Moderate | Unreviewed | CVE-2021-29865 was published Jun 25, 2022

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0 SP2)....
Moderate | Unreviewed | CVE-2022-27220 was published Jun 15, 2022

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0 SP2)....
Moderate | Unreviewed | CVE-2022-27219 was published Jun 15, 2022

A vulnerability was found in Ucweb UC Browser 11.2.5.932. It has been classified as critical....
Moderate | Unreviewed | CVE-2017-20041 was published Jun 14, 2022

InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 management portal does not...
Moderate | Unreviewed | CVE-2021-38472 was published May 24, 2022

A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer....
Moderate | Unreviewed | CVE-2021-27467 was published May 24, 2022

A missing HTTP header (X-Frame-Options) in Kiwi Syslog Server has left customers vulnerable to...
Moderate | Unreviewed | CVE-2021-35237 was published May 24, 2022

Clustered Data ONTAP versions prior to 9.5P18, 9.6P15, 9.7P14, 9.8P5 and 9.9.1 are missing an X...
Moderate | Unreviewed | CVE-2021-27003 was published May 24, 2022

Incorrect security UI in Web Browser UI in Google Chrome prior to 94.0.4606.54 allowed a remote...
Moderate | Unreviewed | CVE-2021-37971 was published May 24, 2022

grav-plugin-admin is vulnerable to Improper Restriction of Rendered UI Layers or Frames
Moderate | Unreviewed | CVE-2021-3799 was published May 24, 2022

A vulnerability involving insufficient HTTP security headers has been reported to affect QNAP NAS...
Moderate | Unreviewed | CVE-2018-19957 was published May 24, 2022

LedgerSMB does not sufficiently guard against being wrapped by other sites, making it vulnerable...
Moderate | Unreviewed | CVE-2021-3731 was published May 24, 2022

The MiCollab Client Service component in Mitel MiCollab before 9.3 could allow an attacker to...
Moderate | Unreviewed | CVE-2021-32070 was published May 24, 2022

A vulnerability in the web UI of Gurock TestRail v5.3.0.3603 could allow an unauthenticated,...
Moderate | Unreviewed | CVE-2021-37788 was published May 24, 2022

Showing the legitimate URL in the address bar while loading the content from other domain. This...
Moderate | Unreviewed | CVE-2021-33596 was published May 24, 2022

IBM Sterling Connect:Direct Browser User Interface 1.4.1.1 and 1.5.0.2 could allow a remote...
Moderate | Unreviewed | CVE-2021-20560 was published May 24, 2022

Text injection/Content Spoofing in 404 page in Zammad 1.0.x up to 4.0.0 could allow remote...
Moderate | Unreviewed | CVE-2021-35300 was published May 24, 2022

ProTip! Advisories are also available from the GraphQL API