Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,939
Maven
5,000+
npm
3,677
NuGet
643
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

153 advisories

Loading
In JetBrains YouTrack before 2022.1.43563 it was possible to include an iframe from a third-party... Moderate Unreviewed
CVE-2022-28649 was published Apr 6, 2022
The web server in the Teradici Managament console versions 20.04 and 20.01.1 did not properly set... Moderate Unreviewed
CVE-2020-13174 was published May 24, 2022
A vulnerability was found in Ucweb UC Browser 11.2.5.932. It has been classified as critical.... Moderate Unreviewed
CVE-2017-20041 was published Jun 14, 2022
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0 SP2).... Moderate Unreviewed
CVE-2022-27219 was published Jun 15, 2022
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0 SP2).... Moderate Unreviewed
CVE-2022-27220 was published Jun 15, 2022
IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could allow a remote attacker to... Moderate Unreviewed
CVE-2021-29865 was published Jun 25, 2022
The X-Frame-Options header in Rockwell Automation MicroLogix 1100/1400 Versions 21.007 and prior... Moderate Unreviewed
CVE-2022-2179 was published Jul 21, 2022
IBM CICS TX 11.1 could allow a remote attacker to hijack the clicking action of the victim. By... Moderate Unreviewed
CVE-2022-34162 was published Aug 2, 2022
If a custom mouse cursor is specified in CSS, under certain circumstances the cursor could have... Moderate Unreviewed
CVE-2022-45418 was published Dec 22, 2022
Service Workers did not detect Private Browsing Mode correctly in all cases, which could have led... Moderate Unreviewed
CVE-2022-45417 was published Dec 22, 2022
Use tables inside of an iframe, an attacker could have caused iframe contents to be rendered... Moderate Unreviewed
CVE-2022-45420 was published Dec 22, 2022
An improper implementation of the new iframe sandbox keyword <code>allow-top-navigation-by-user... Moderate Unreviewed
CVE-2022-29911 was published Dec 22, 2022
SmartBear CodeCollaborator v6.1.6102 was discovered to contain a vulnerability in the web UI... Moderate Unreviewed
CVE-2021-41657 was published Mar 11, 2022
Improper Restriction of Rendered UI Layers or Frames in GitHub repository polonel/trudesk prior... Moderate Unreviewed
CVE-2022-1803 was published May 21, 2022
IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, and 1.0.2 could allow a remote attacker to... Moderate Unreviewed
CVE-2019-4217 was published May 24, 2022
The response header has not enabled X-FRAME-OPTIONS, Which helps prevents against Clickjacking... Moderate Unreviewed
CVE-2022-3260 was published Dec 8, 2022
IBM WebSphere Application Server - Liberty Admin Center could allow a remote attacker to hijack... Moderate Unreviewed
CVE-2019-4285 was published May 24, 2022
A vulnerability in the web-based interface of Cisco HyperFlex Software could allow an... Moderate Unreviewed
CVE-2019-1975 was published May 24, 2022
A vulnerability, which was classified as problematic, has been found in SourceCodester Gym... Moderate Unreviewed
CVE-2022-2800 was published Aug 13, 2022
IBM Robotic Process Automation 21.0.0 could allow a remote attacker to hijack the clicking action... Moderate Unreviewed
CVE-2022-22503 was published Oct 6, 2022
Through a series of navigations, Firefox could have entered fullscreen mode without notification... Moderate Unreviewed
CVE-2021-38506 was published Dec 9, 2021
Due to an unusual sequence of attacker-controlled events, a Javascript alert() dialog with... Moderate Unreviewed
CVE-2021-38509 was published Dec 9, 2021
It was possible to recreate previous cursor spoofing attacks against users with a zoomed native... Moderate Unreviewed
CVE-2021-43546 was published Dec 9, 2021
By displaying a form validity message in the correct location at the same time as a permission... Moderate Unreviewed
CVE-2021-38508 was published Dec 9, 2021
A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) ... Moderate Unreviewed
CVE-2019-13924 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database