Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,939
Maven
5,000+
npm
3,677
NuGet
643
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

153 advisories

Loading
Sametime is impacted by lack of clickjacking protection in Outlook add-in. The application is not... Moderate Unreviewed
CVE-2023-45698 was published Feb 10, 2024
A missing delay in directory upload UI could have made it possible for an attacker to trick a... Moderate Unreviewed
CVE-2024-9397 was published Oct 1, 2024
By manipulating the fullscreen feature while opening a data-list, an attacker could have overlaid... Moderate Unreviewed
CVE-2024-5698 was published Jun 11, 2024
The issue was addressed with improved UI handling. This issue is fixed in macOS Sonoma 14.6,... Moderate Unreviewed
CVE-2024-40817 was published Jul 30, 2024
A Cross Window Forgery vulnerability exists within GitLab CE/EE affecting all versions from 16.3... Moderate Unreviewed
CVE-2024-2177 was published Jul 9, 2024
IBM Sterling B2B Integrator Standard Edition 6.1 and 6.2 does not restrict or incorrectly... Moderate Unreviewed
CVE-2023-42011 was published Jun 27, 2024
Microsoft Edge for Android Spoofing Vulnerability Moderate Unreviewed
CVE-2024-26167 was published Mar 7, 2024
Improper Restriction of Rendered UI Layers or Frames vulnerability in Automattic Jetpack allows... Moderate Unreviewed
CVE-2023-47774 was published Apr 24, 2024
An unauthenticated remote attacker can deceive users into performing unintended actions due to... Moderate Unreviewed
CVE-2024-3911 was published Apr 23, 2024
NetApp Snap Creator Framework before 4.3P1 allows remote authenticated users to conduct... Moderate Unreviewed
CVE-2016-5710 was published May 24, 2022
Microsoft Edge (Chromium-based) Spoofing Vulnerability Moderate Unreviewed
CVE-2024-29981 was published Apr 5, 2024
Improper Restriction of Rendered UI Layers or Frames in RDT400 in SICK APU allows an unprivileged... Moderate Unreviewed
CVE-2023-5103 was published Oct 9, 2023
Palantir Gotham was found to be vulnerable to a bug where under certain circumstances, the... Moderate Unreviewed
CVE-2023-30961 was published Sep 27, 2023
A vulnerability has been identified in ioLogik 4000 Series (ioLogik E4200) firmware versions v1.6... Moderate Unreviewed
CVE-2023-4229 was published Aug 24, 2023
The permission request prompt from the site in the background tab was overlaid on top of the site... Moderate Unreviewed
CVE-2023-37455 was published Jul 12, 2023
A CWE-1021: Improper Restriction of Rendered UI Layers or Frames vulnerability exists that... Moderate Unreviewed
CVE-2022-43378 was published Jul 6, 2023
A CWE-1021: Improper Restriction of Rendered UI Layers or Frames vulnerability exists that could... Moderate Unreviewed
CVE-2022-32517 was published Jul 6, 2023
A clickjacking vulnerability in the HCL BigFix OSD Bare Metal Server version 311.12 or lower... Moderate Unreviewed
CVE-2023-23343 was published Jun 23, 2023
Missing HTTP headers (X-Frame-Options, Content-Security-Policy) in KNIME Business Hub before 1.4... Moderate Unreviewed
CVE-2023-3140 was published Jun 7, 2023
AeroCMS v0.0.1 is vulnerable to ClickJacking. Moderate Unreviewed
CVE-2022-46061 was published Dec 13, 2022
Improper Restriction of Rendered UI Layers or Frames in GitHub repository notrinos/notrinoserp... Moderate Unreviewed
CVE-2022-2965 was published Aug 24, 2022
Intesync Solismed 3.3sp allows Clickjacking. Moderate Unreviewed
CVE-2019-15930 was published May 24, 2022
vBulletin before 5.5.4 allows clickjacking. Moderate Unreviewed
CVE-2019-17131 was published May 24, 2022
A clickjacking vulnerability was found in Limesurvey before 3.17.14. Moderate Unreviewed
CVE-2019-16175 was published May 24, 2022
Mailvelope prior to 3.1.0 is vulnerable to a clickjacking attack against the settings page. As... Moderate Unreviewed
CVE-2019-9147 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database