Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,324
Erlang
31
GitHub Actions
21
Go
2,087
Maven
5,000+
npm
3,751
NuGet
674
pip
3,437
Pub
12
RubyGems
892
Rust
881
Swift
37
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

226 advisories

Loading
A vulnerability has been identified in Desigo Insight (All versions). The device does not... Moderate Unreviewed
CVE-2020-15793 was published May 24, 2022
This affects the package MintegralAdSDK from 0.0.0. The SDK distributed by the company contains... High Unreviewed
CVE-2020-7705 was published May 24, 2022
The web server in the Teradici Managament console versions 20.04 and 20.01.1 did not properly set... Moderate Unreviewed
CVE-2020-13174 was published May 24, 2022
Western Digital My Cloud Home and ibi devices before 2.2.0 allow clickjacking on sign-in pages. Moderate Unreviewed
CVE-2020-10951 was published May 24, 2022
For ABB eSOMS versions 4.0 to 6.0.2, the X-Frame-Options header is not configured in HTTP... Moderate Unreviewed
CVE-2019-19001 was published May 24, 2022
A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) ... Moderate Unreviewed
CVE-2019-13924 was published May 24, 2022
NetApp Snap Creator Framework before 4.3P1 allows remote authenticated users to conduct... Moderate Unreviewed
CVE-2016-5710 was published May 24, 2022
Intesync Solismed 3.3sp allows Clickjacking. Moderate Unreviewed
CVE-2019-15930 was published May 24, 2022
vBulletin before 5.5.4 allows clickjacking. Moderate Unreviewed
CVE-2019-17131 was published May 24, 2022
IBM WebSphere eXtreme Scale 8.6 Admin Console could allow a remote attacker to hijack the... Moderate Unreviewed
CVE-2019-4109 was published May 24, 2022
A vulnerability in the web-based interface of Cisco HyperFlex Software could allow an... Moderate Unreviewed
CVE-2019-1975 was published May 24, 2022
IBM Cloud Application Performance Management 8.1.4 could allow a remote attacker to hijack the... Moderate Unreviewed
CVE-2019-4086 was published May 24, 2022
A clickjacking vulnerability was found in Limesurvey before 3.17.14. Moderate Unreviewed
CVE-2019-16175 was published May 24, 2022
IBM WebSphere Application Server - Liberty Admin Center could allow a remote attacker to hijack... Moderate Unreviewed
CVE-2019-4285 was published May 24, 2022
Mailvelope prior to 3.1.0 is vulnerable to a clickjacking attack against the settings page. As... Moderate Unreviewed
CVE-2019-9147 was published May 24, 2022
Java Server Pages (JSPs) provided by the SAP NetWeaver Process Integration (SAP_XIESR and... Moderate Unreviewed
CVE-2019-0305 was published May 24, 2022
IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, and 1.0.2 could allow a remote attacker to... Moderate Unreviewed
CVE-2019-4217 was published May 24, 2022
IBM BigFix Platform 9.2 and 9.5 could allow a low-privilege user to manipulate the UI into... Moderate Unreviewed
CVE-2019-4058 was published May 24, 2022
Improper Restriction of Rendered UI Layers or Frames in GitHub repository polonel/trudesk prior... Moderate Unreviewed
CVE-2022-1803 was published May 21, 2022
The Framework UI permission-dialog implementation in Android 6.x before 2016-06-01 allows... Critical Unreviewed
CVE-2016-2496 was published May 17, 2022
Google Chrome before 42.0.2311.90 does not properly consider the interaction of page navigation... Moderate Unreviewed
CVE-2015-1241 was published May 17, 2022
Kerio Connect 8.0.0 through 9.2.2, and Kerio Connect Client desktop application for Windows and... Moderate Unreviewed
CVE-2017-7440 was published May 17, 2022
Insufficient clickjacking protection in the Web User Interface of Intel AMT firmware versions... Moderate Unreviewed
CVE-2017-5697 was published May 17, 2022
Clickjacking vulnerability in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x... Moderate Unreviewed
CVE-2017-4015 was published May 17, 2022
In functionality implemented in System UI, there are insufficient protections implemented around... High Unreviewed
CVE-2018-9524 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database