Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,939
Maven
5,000+
npm
3,677
NuGet
643
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+

222 advisories

Loading
A vulnerable code in onCreate of SecDevicePickerDialog prior to SMR Aug-2022 Release 1, allows... Moderate Unreviewed
CVE-2022-33727 was published Aug 6, 2022
A vulnerable code in onCreate of BluetoothScanDialog prior to SMR Aug-2022 Release 1, allows... Moderate Unreviewed
CVE-2022-33723 was published Aug 6, 2022
IBM CICS TX 11.1 could allow a remote attacker to hijack the clicking action of the victim. By... Moderate Unreviewed
CVE-2022-34162 was published Aug 2, 2022
The X-Frame-Options header in Rockwell Automation MicroLogix 1100/1400 Versions 21.007 and prior... Moderate Unreviewed
CVE-2022-2179 was published Jul 21, 2022
In finishDrawingWindow of WindowManagerService.java, there is a possible tapjacking due to... Low Unreviewed
CVE-2022-20226 was published Jul 14, 2022
In wifi.RequestToggleWifiActivity of AndroidManifest.xml, there is a possible EoP due to a... High Unreviewed
CVE-2022-20212 was published Jul 14, 2022
Apache Druid before 0.23.0 vulnerable to clickjacking Moderate
CVE-2022-28889 was published for org.apache.druid:druid (Maven) Jul 8, 2022
IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could allow a remote attacker to... Moderate Unreviewed
CVE-2021-29865 was published Jun 25, 2022
In WindowManager, there is a possible tapjacking attack due to an incorrect window flag when... High Unreviewed
CVE-2021-39691 was published Jun 16, 2022
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0 SP2).... Moderate Unreviewed
CVE-2022-27220 was published Jun 15, 2022
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0 SP2).... Moderate Unreviewed
CVE-2022-27219 was published Jun 15, 2022
A vulnerability was found in Ucweb UC Browser 11.2.5.932. It has been classified as critical.... Moderate Unreviewed
CVE-2017-20041 was published Jun 14, 2022
InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 management portal does not... Moderate Unreviewed
CVE-2021-38472 was published May 24, 2022
A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer.... Moderate Unreviewed
CVE-2021-27467 was published May 24, 2022
The Interior Server and Gateway Server components of TIBCO Software Inc.'s TIBCO PartnerExpress... Critical Unreviewed
CVE-2021-43048 was published May 24, 2022
A missing HTTP header (X-Frame-Options) in Kiwi Syslog Server has left customers vulnerable to... Moderate Unreviewed
CVE-2021-35237 was published May 24, 2022
Clustered Data ONTAP versions prior to 9.5P18, 9.6P15, 9.7P14, 9.8P5 and 9.9.1 are missing an X... Moderate Unreviewed
CVE-2021-27003 was published May 24, 2022
Incorrect security UI in Web Browser UI in Google Chrome prior to 94.0.4606.54 allowed a remote... Moderate Unreviewed
CVE-2021-37971 was published May 24, 2022
grav-plugin-admin is vulnerable to Improper Restriction of Rendered UI Layers or Frames Moderate Unreviewed
CVE-2021-3799 was published May 24, 2022
A vulnerability involving insufficient HTTP security headers has been reported to affect QNAP NAS... Moderate Unreviewed
CVE-2018-19957 was published May 24, 2022
LedgerSMB does not sufficiently guard against being wrapped by other sites, making it vulnerable... Moderate Unreviewed
CVE-2021-3731 was published May 24, 2022
The MiCollab Client Service component in Mitel MiCollab before 9.3 could allow an attacker to... Moderate Unreviewed
CVE-2021-32070 was published May 24, 2022
A vulnerability in the web UI of Gurock TestRail v5.3.0.3603 could allow an unauthenticated,... Moderate Unreviewed
CVE-2021-37788 was published May 24, 2022
Showing the legitimate URL in the address bar while loading the content from other domain. This... Moderate Unreviewed
CVE-2021-33596 was published May 24, 2022
IBM Sterling Connect:Direct Browser User Interface 1.4.1.1 and 1.5.0.2 could allow a remote... Moderate Unreviewed
CVE-2021-20560 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database