GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,939
Maven
5,000+
npm
3,677
NuGet
643
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
153 advisories
Filter by severity
Sametime is impacted by lack of clickjacking protection in Outlook add-in. The application is not...
Moderate
Unreviewed
CVE-2023-45698
was published
Feb 10, 2024
A missing delay in directory upload UI could have made it possible for an attacker to trick a...
Moderate
Unreviewed
CVE-2024-9397
was published
Oct 1, 2024
By manipulating the fullscreen feature while opening a data-list, an attacker could have overlaid...
Moderate
Unreviewed
CVE-2024-5698
was published
Jun 11, 2024
The issue was addressed with improved UI handling. This issue is fixed in macOS Sonoma 14.6,...
Moderate
Unreviewed
CVE-2024-40817
was published
Jul 30, 2024
A Cross Window Forgery vulnerability exists within GitLab CE/EE affecting all versions from 16.3...
Moderate
Unreviewed
CVE-2024-2177
was published
Jul 9, 2024
IBM Sterling B2B Integrator Standard Edition 6.1 and 6.2 does not restrict or incorrectly...
Moderate
Unreviewed
CVE-2023-42011
was published
Jun 27, 2024
Microsoft Edge for Android Spoofing Vulnerability
Moderate
Unreviewed
CVE-2024-26167
was published
Mar 7, 2024
Improper Restriction of Rendered UI Layers or Frames vulnerability in Automattic Jetpack allows...
Moderate
Unreviewed
CVE-2023-47774
was published
Apr 24, 2024
An unauthenticated remote attacker can deceive users into performing unintended actions due to...
Moderate
Unreviewed
CVE-2024-3911
was published
Apr 23, 2024
NetApp Snap Creator Framework before 4.3P1 allows remote authenticated users to conduct...
Moderate
Unreviewed
CVE-2016-5710
was published
May 24, 2022
Microsoft Edge (Chromium-based) Spoofing Vulnerability
Moderate
Unreviewed
CVE-2024-29981
was published
Apr 5, 2024
Improper Restriction of Rendered UI Layers or Frames in RDT400 in SICK APU allows an unprivileged...
Moderate
Unreviewed
CVE-2023-5103
was published
Oct 9, 2023
Palantir Gotham was found to be vulnerable to a bug where under certain circumstances, the...
Moderate
Unreviewed
CVE-2023-30961
was published
Sep 27, 2023
A vulnerability has been identified in ioLogik 4000 Series (ioLogik E4200) firmware versions v1.6...
Moderate
Unreviewed
CVE-2023-4229
was published
Aug 24, 2023
The permission request prompt from the site in the background tab was overlaid on top of the site...
Moderate
Unreviewed
CVE-2023-37455
was published
Jul 12, 2023
A CWE-1021: Improper Restriction of Rendered UI Layers or Frames vulnerability exists that...
Moderate
Unreviewed
CVE-2022-43378
was published
Jul 6, 2023
A CWE-1021: Improper Restriction of Rendered UI Layers or Frames vulnerability exists that could...
Moderate
Unreviewed
CVE-2022-32517
was published
Jul 6, 2023
A clickjacking vulnerability in the HCL BigFix OSD Bare Metal Server version 311.12 or lower...
Moderate
Unreviewed
CVE-2023-23343
was published
Jun 23, 2023
Missing HTTP headers (X-Frame-Options, Content-Security-Policy) in KNIME
Business Hub before 1.4...
Moderate
Unreviewed
CVE-2023-3140
was published
Jun 7, 2023
AeroCMS v0.0.1 is vulnerable to ClickJacking.
Moderate
Unreviewed
CVE-2022-46061
was published
Dec 13, 2022
Improper Restriction of Rendered UI Layers or Frames in GitHub repository notrinos/notrinoserp...
Moderate
Unreviewed
CVE-2022-2965
was published
Aug 24, 2022
Intesync Solismed 3.3sp allows Clickjacking.
Moderate
Unreviewed
CVE-2019-15930
was published
May 24, 2022
vBulletin before 5.5.4 allows clickjacking.
Moderate
Unreviewed
CVE-2019-17131
was published
May 24, 2022
A clickjacking vulnerability was found in Limesurvey before 3.17.14.
Moderate
Unreviewed
CVE-2019-16175
was published
May 24, 2022
Mailvelope prior to 3.1.0 is vulnerable to a clickjacking attack against the settings page. As...
Moderate
Unreviewed
CVE-2019-9147
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API