GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
643
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
153 advisories
Filter by severity
In onStart of ContactsDumpActivity.java, there is possible access to contacts due to a tapjacking...
Moderate
Unreviewed
CVE-2021-0569
was published
May 24, 2022
It was discovered that OpenShift Container Platform's (OCP) distribution of Kibana could open in...
Moderate
Unreviewed
CVE-2020-10743
was published
May 24, 2022
The browser could have been confused into transferring a pointer lock state into another tab,...
Moderate
Unreviewed
CVE-2021-23955
was published
May 24, 2022
SAP Business Objects BI Platform, versions - 410, 420, 430, allows multiple X-Frame-Options...
Moderate
Unreviewed
CVE-2021-21444
was published
May 24, 2022
Inappropriate implementation in iframe sandbox in Google Chrome prior to 88.0.4324.96 allowed a...
Moderate
Unreviewed
CVE-2021-21139
was published
May 24, 2022
IBM Jazz Foundation products could allow a remote attacker to hijack the clicking action of the...
Moderate
Unreviewed
CVE-2020-4547
was published
May 24, 2022
IBM Spectrum Protect Plus 10.1.0 through 10.1.6 could allow a remote attacker to hijack the...
Moderate
Unreviewed
CVE-2020-5020
was published
May 24, 2022
Insufficient data validation in sharing in Google Chrome prior to 87.0.4280.66 allowed a remote...
Moderate
Unreviewed
CVE-2020-16032
was published
May 24, 2022
Inappropriate implementation in WebUSB in Google Chrome prior to 87.0.4280.66 allowed a remote...
Moderate
Unreviewed
CVE-2020-16033
was published
May 24, 2022
Insufficient data validation in UI in Google Chrome prior to 87.0.4280.66 allowed a remote...
Moderate
Unreviewed
CVE-2020-16031
was published
May 24, 2022
Vidyo 02-09-/D allows clickjacking via the portal/ URI.
Moderate
Unreviewed
CVE-2020-35735
was published
May 24, 2022
A CWE-1021: Improper Restriction of Rendered UI Layers or Frames vulnerability exists in Easergy...
Moderate
Unreviewed
CVE-2020-28218
was published
May 24, 2022
The issue was addressed with improved UI handling. This issue is fixed in watchOS 7.0, Safari 14...
Moderate
Unreviewed
CVE-2020-9993
was published
May 24, 2022
An inconsistent user interface issue was addressed with improved state management. This issue is...
Moderate
Unreviewed
CVE-2020-9987
was published
May 24, 2022
A spoofing issue existed in the handling of URLs. This issue was addressed with improved input...
Moderate
Unreviewed
CVE-2020-9945
was published
May 24, 2022
An inconsistent user interface issue was addressed with improved state management. This issue is...
Moderate
Unreviewed
CVE-2020-9942
was published
May 24, 2022
Cross-origin iframes that contained a login form could have been recognized by the login autofill...
Moderate
Unreviewed
CVE-2020-26962
was published
May 24, 2022
It was possible to cause the browser to enter fullscreen mode without displaying the security UI;...
Moderate
Unreviewed
CVE-2020-26953
was published
May 24, 2022
IBM App Connect Enterprise Certified Container 1.0.0, 1.0.1, 1.0.2, 1.0.3, and 1.0.4 could allow...
Moderate
Unreviewed
CVE-2020-4785
was published
May 24, 2022
This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in Safari...
Moderate
Unreviewed
CVE-2019-8771
was published
May 24, 2022
User Interface (UI) Misrepresentation of Critical Information vulnerability in the address bar of...
Moderate
Unreviewed
CVE-2020-7371
was published
May 24, 2022
A vulnerability has been identified in Desigo Insight (All versions). The device does not...
Moderate
Unreviewed
CVE-2020-15793
was published
May 24, 2022
The web server in the Teradici Managament console versions 20.04 and 20.01.1 did not properly set...
Moderate
Unreviewed
CVE-2020-13174
was published
May 24, 2022
Western Digital My Cloud Home and ibi devices before 2.2.0 allow clickjacking on sign-in pages.
Moderate
Unreviewed
CVE-2020-10951
was published
May 24, 2022
For ABB eSOMS versions 4.0 to 6.0.2, the X-Frame-Options header is not configured in HTTP...
Moderate
Unreviewed
CVE-2019-19001
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API