Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,339
Erlang
31
GitHub Actions
22
Go
2,099
Maven
5,000+
npm
3,763
NuGet
678
pip
3,448
Pub
12
RubyGems
892
Rust
883
Swift
37
Unreviewed advisories
All unreviewed
5,000+

182 advisories

Loading
Improper Restriction of Rendered UI Layers or Frames in Apache nifif Moderate
CVE-2018-17192 was published for org.apache.nifi:nifi (Maven) Dec 20, 2018
MarkLee131
Improper Restriction of Rendered UI Layers or Frames in Keycloak Moderate
CVE-2020-1728 was published for org.keycloak:keycloak-core (Maven) Apr 15, 2020
Improper Restriction of Rendered UI Layers or Frames in yourls Moderate
CVE-2021-3734 was published for yourls/yourls (Composer) Aug 30, 2021
It was possible to recreate previous cursor spoofing attacks against users with a zoomed native... Moderate Unreviewed
CVE-2021-43546 was published Dec 9, 2021
Due to an unusual sequence of attacker-controlled events, a Javascript alert() dialog with... Moderate Unreviewed
CVE-2021-38509 was published Dec 9, 2021
By displaying a form validity message in the correct location at the same time as a permission... Moderate Unreviewed
CVE-2021-38508 was published Dec 9, 2021
Through a series of navigations, Firefox could have entered fullscreen mode without notification... Moderate Unreviewed
CVE-2021-38506 was published Dec 9, 2021
A user interface overlay vulnerability was discovered in F-secure SAFE Browser for Android. When... Moderate Unreviewed
CVE-2021-40834 was published Dec 11, 2021
IBM Spectrum Copy Data Management 2.2.13 and earlier could allow a remote attacker to hijack the... Moderate Unreviewed
CVE-2021-39054 was published Dec 14, 2021
In UserDetailsActivity of AndroidManifest.xml, there is a possible DoS due to a tapjacking... Moderate Unreviewed
CVE-2021-1038 was published Dec 16, 2021
In several functions of DatabaseManager.java, there is a possible leak of Bluetooth MAC addresses... Moderate Unreviewed
CVE-2021-1006 was published Dec 16, 2021
Dell EMC AppSync versions 3.9 to 4.3 contain a clickjacking vulnerability in AppSync. A remote... Moderate Unreviewed
CVE-2022-22552 was published Jan 22, 2022
A CWE-1021 Improper Restriction of Rendered UI Layers or Frames vulnerability exists that could... Moderate Unreviewed
CVE-2021-22819 was published Jan 29, 2022
IBM WebSphere Application Server 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3... Moderate Unreviewed
CVE-2021-39038 was published Feb 25, 2022
SmartBear CodeCollaborator v6.1.6102 was discovered to contain a vulnerability in the web UI... Moderate Unreviewed
CVE-2021-41657 was published Mar 11, 2022
Cockpit (and its plugins) do not seem to protect itself against clickjacking. It is possible to... Moderate Unreviewed
CVE-2021-3660 was published Mar 11, 2022
An attacker could trick a user of Hitachi ABB Power Grids Ellipse Enterprise Asset Management ... Moderate Unreviewed
CVE-2021-27414 was published Mar 12, 2022
Spoofing attack in swagger-ui-dist Moderate
CVE-2021-46708 was published for swagger-ui-dist (npm) Mar 12, 2022
Improper Restriction of Rendered UI Layers or Frames in Sylius Moderate
CVE-2022-24733 was published for sylius/sylius (Composer) Mar 14, 2022
In JetBrains YouTrack before 2022.1.43563 it was possible to include an iframe from a third-party... Moderate Unreviewed
CVE-2022-28649 was published Apr 6, 2022
A design error in Opera 8.01 and earlier allows user-assisted attackers to execute arbitrary code... Moderate Unreviewed
CVE-2005-2407 was published May 1, 2022
Unspecified vulnerability in Opera before 9.5 allows remote attackers to spoof the contents of... Moderate Unreviewed
CVE-2008-2716 was published May 1, 2022
This vulnerability allows users to execute a clickjacking attack in the meeting's chat. Moderate Unreviewed
CVE-2021-27773 was published May 13, 2022
Microsoft Internet Explorer 6, 7, and 8 does not enforce intended domain restrictions on content... Moderate Unreviewed
CVE-2011-1244 was published May 13, 2022
IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) could allow a remote attacker to... Moderate Unreviewed
CVE-2018-1853 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database