Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,340
Erlang
31
GitHub Actions
22
Go
2,101
Maven
5,000+
npm
3,764
NuGet
679
pip
3,451
Pub
12
RubyGems
892
Rust
885
Swift
37
Unreviewed advisories
All unreviewed
5,000+

182 advisories

Loading
Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote attackers to bypass the Same... Moderate Unreviewed
CVE-2014-1483 was published May 13, 2022
A vulnerability in the web UI of Cisco HyperFlex Software could allow an unauthenticated, remote... Moderate Unreviewed
CVE-2018-15423 was published May 13, 2022
A vulnerability in the web UI of Cisco Unified Communications Manager (Unified CM) could allow an... Moderate Unreviewed
CVE-2018-0355 was published May 13, 2022
Improper countermeasure against clickjacking attack in client certificates management screen was... Moderate Unreviewed
CVE-2018-16172 was published May 13, 2022
IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 could allow... Moderate Unreviewed
CVE-2018-1803 was published May 13, 2022
Eliding from the wrong side in an infobar in DevTools in Google Chrome prior to 68.0.3440.75... Moderate Unreviewed
CVE-2018-6178 was published May 13, 2022
A missing X-Frame-Options header in the Green Electronics RainMachine Mini-8 (2nd Generation) and... Moderate Unreviewed
CVE-2018-6909 was published May 13, 2022
Insufficient protection of permission UI in WebAPKs in Google Chrome on Android prior to 72.0... Moderate Unreviewed
CVE-2019-5767 was published May 13, 2022
The file-download implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 does... Moderate Unreviewed
CVE-2014-1480 was published May 13, 2022
Mozilla Firefox before 26.0 and SeaMonkey before 2.23 do not properly consider the sandbox... Moderate Unreviewed
CVE-2013-5614 was published May 13, 2022
An elevation of privilege vulnerability in the System UI could enable a local malicious... Moderate Unreviewed
CVE-2017-0492 was published May 13, 2022
An issue was discovered in Adobe Connect 9.6.2 and earlier versions. A UI Redress (or... Moderate Unreviewed
CVE-2017-11290 was published May 13, 2022
Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for... Moderate Unreviewed
CVE-2017-5016 was published May 13, 2022
Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, failed to prevent alerts from... Moderate Unreviewed
CVE-2017-5026 was published May 13, 2022
TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n devices allow... Moderate Unreviewed
CVE-2018-12576 was published May 13, 2022
Clickjacking vulnerability in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x... Moderate Unreviewed
CVE-2017-4015 was published May 17, 2022
Insufficient clickjacking protection in the Web User Interface of Intel AMT firmware versions... Moderate Unreviewed
CVE-2017-5697 was published May 17, 2022
Kerio Connect 8.0.0 through 9.2.2, and Kerio Connect Client desktop application for Windows and... Moderate Unreviewed
CVE-2017-7440 was published May 17, 2022
Google Chrome before 42.0.2311.90 does not properly consider the interaction of page navigation... Moderate Unreviewed
CVE-2015-1241 was published May 17, 2022
Improper Restriction of Rendered UI Layers or Frames in GitHub repository polonel/trudesk prior... Moderate Unreviewed
CVE-2022-1803 was published May 21, 2022
IBM BigFix Platform 9.2 and 9.5 could allow a low-privilege user to manipulate the UI into... Moderate Unreviewed
CVE-2019-4058 was published May 24, 2022
IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, and 1.0.2 could allow a remote attacker to... Moderate Unreviewed
CVE-2019-4217 was published May 24, 2022
Java Server Pages (JSPs) provided by the SAP NetWeaver Process Integration (SAP_XIESR and... Moderate Unreviewed
CVE-2019-0305 was published May 24, 2022
Mailvelope prior to 3.1.0 is vulnerable to a clickjacking attack against the settings page. As... Moderate Unreviewed
CVE-2019-9147 was published May 24, 2022
IBM WebSphere Application Server - Liberty Admin Center could allow a remote attacker to hijack... Moderate Unreviewed
CVE-2019-4285 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database