GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,939
Maven
5,000+
npm
3,677
NuGet
643
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
153 advisories
Filter by severity
A missing delay in directory upload UI could have made it possible for an attacker to trick a...
Moderate
Unreviewed
CVE-2024-9397
was published
Oct 1, 2024
The issue was addressed with improved UI handling. This issue is fixed in macOS Sonoma 14.6,...
Moderate
Unreviewed
CVE-2024-40817
was published
Jul 30, 2024
A Cross Window Forgery vulnerability exists within GitLab CE/EE affecting all versions from 16.3...
Moderate
Unreviewed
CVE-2024-2177
was published
Jul 9, 2024
IBM Sterling B2B Integrator Standard Edition 6.1 and 6.2 does not restrict or incorrectly...
Moderate
Unreviewed
CVE-2023-42011
was published
Jun 27, 2024
By manipulating the fullscreen feature while opening a data-list, an attacker could have overlaid...
Moderate
Unreviewed
CVE-2024-5698
was published
Jun 11, 2024
Improper Restriction of Rendered UI Layers or Frames vulnerability in Automattic Jetpack allows...
Moderate
Unreviewed
CVE-2023-47774
was published
Apr 24, 2024
An unauthenticated remote attacker can deceive users into performing unintended actions due to...
Moderate
Unreviewed
CVE-2024-3911
was published
Apr 23, 2024
Microsoft Edge (Chromium-based) Spoofing Vulnerability
Moderate
Unreviewed
CVE-2024-29981
was published
Apr 5, 2024
Microsoft Edge for Android Spoofing Vulnerability
Moderate
Unreviewed
CVE-2024-26167
was published
Mar 7, 2024
Vulnerability whereby an attacker could send a malicious link to an authenticated operator, which...
Moderate
Unreviewed
CVE-2024-1890
was published
Feb 26, 2024
Sametime is impacted by lack of clickjacking protection in Outlook add-in. The application is not...
Moderate
Unreviewed
CVE-2023-45698
was published
Feb 10, 2024
The issue was addressed with improved UI handling. This issue is fixed in iOS 16.2 and iPadOS 16...
Moderate
Unreviewed
CVE-2022-32919
was published
Jan 11, 2024
A vulnerability has been identified in OnCell G3150A-LTE Series firmware versions v1.3 and prior...
Moderate
Unreviewed
CVE-2023-6093
was published
Dec 31, 2023
The timing of a button click causing a popup to disappear was approximately the same length as...
Moderate
Unreviewed
CVE-2023-6867
was published
Dec 19, 2023
In Red Hat Advanced Cluster Security (RHACS), it was found that some security related HTTP...
Moderate
Unreviewed
CVE-2023-4958
was published
Dec 12, 2023
An Improper Restriction of Rendered UI Layers or Frames in the Schweitzer Engineering...
Moderate
Unreviewed
CVE-2023-2265
was published
Nov 30, 2023
If an attacker needed a user to load an insecure http: page and knew that user had enabled HTTPS...
Moderate
Unreviewed
CVE-2023-6211
was published
Nov 21, 2023
The black fade animation when exiting fullscreen is roughly the length of the anti-clickjacking...
Moderate
Unreviewed
CVE-2023-6206
was published
Nov 21, 2023
An issue in Yamcs 5.8.6 allows attackers to send aribitrary telelcommands in a Command Stack via...
Moderate
Unreviewed
CVE-2023-47311
was published
Nov 20, 2023
A flaw was found in Quay. Clickjacking is when an attacker uses multiple transparent or opaque...
Moderate
Unreviewed
CVE-2023-4956
was published
Nov 7, 2023
In SAP Enable Now - versions WPB_MANAGER 1.0, WPB_MANAGER_CE 10, WPB_MANAGER_HANA 10,...
Moderate
Unreviewed
CVE-2023-36920
was published
Oct 30, 2023
It was possible for certain browser prompts and dialogs to be activated or dismissed...
Moderate
Unreviewed
CVE-2023-5721
was published
Oct 25, 2023
Improper Restriction of Rendered UI Layers or Frames in RDT400 in SICK APU allows an unprivileged...
Moderate
Unreviewed
CVE-2023-5103
was published
Oct 9, 2023
Palantir Gotham was found to be vulnerable to a bug where under certain circumstances, the...
Moderate
Unreviewed
CVE-2023-30961
was published
Sep 27, 2023
A vulnerability has been identified in ioLogik 4000 Series (ioLogik E4200) firmware versions v1.6...
Moderate
Unreviewed
CVE-2023-4229
was published
Aug 24, 2023
ProTip!
Advisories are also available from the
GraphQL API