Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,285
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,741
NuGet
668
pip
3,422
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

49 advisories

Loading
Malicious websites may have been able to user intent confirmation through tapjacking. This could... High Unreviewed
CVE-2024-11700 was published Nov 26, 2024
In setTransactionState of SurfaceFlinger.cpp, there is a possible way to perform tapjacking due... High Unreviewed
CVE-2024-34743 was published Aug 16, 2024
A select option could partially obscure security prompts. This could be used by a malicious site... High Unreviewed
CVE-2024-7523 was published Aug 6, 2024
In hide of WindowState.java, there is a possible way to bypass tapjacking/overlay protection by... High Unreviewed
CVE-2024-31324 was published Jul 9, 2024
In onCreate of multiple files, there is a possible way to trick the user into granting health... High Unreviewed
CVE-2024-31323 was published Jul 9, 2024
LB-LINK BL-W1210M v2.0 was discovered to contain a clickjacking vulnerability via the... High Unreviewed
CVE-2024-33377 was published Jun 14, 2024
Data was not properly sanitized when decoding a QUIC ACK frame; this could have led to... High Unreviewed
CVE-2024-2613 was published Mar 19, 2024
In hasInputInfo of Layer.cpp, there is a possible bypass of user interaction requirements due to... High Unreviewed
CVE-2022-20443 was published Jun 28, 2023
In onCreate of PhoneAccountSettingsActivity.java and related files, there is a possible way to... High Unreviewed
CVE-2023-20913 was published Jan 26, 2023
In onCreate of various files, there is a possible tapjacking/overlay attack. This could lead to... High Unreviewed
CVE-2022-20520 was published Dec 20, 2022
In several functions of inputDispatcher.cpp, there is a possible way to make toasts clickable due... High Unreviewed
CVE-2022-20444 was published Dec 13, 2022
In onCreate of EnableAccountPreferenceActivity.java, there is a possible way to mislead the user... High Unreviewed
CVE-2022-20501 was published Dec 13, 2022
In onCreate of ReviewPermissionsActivity.java, there is a possible way to grant permissions for a... High Unreviewed
CVE-2022-20442 was published Dec 13, 2022
In the user interface buttons of PermissionController, there is a possible way to bypass... High Unreviewed
CVE-2021-39617 was published Dec 13, 2022
In the Framework, there is a possible way to enable a work profile without user consent due to a... High Unreviewed
CVE-2022-20331 was published Aug 13, 2022
In wifi.RequestToggleWifiActivity of AndroidManifest.xml, there is a possible EoP due to a... High Unreviewed
CVE-2022-20212 was published Jul 14, 2022
In WindowManager, there is a possible tapjacking attack due to an incorrect window flag when... High Unreviewed
CVE-2021-39691 was published Jun 16, 2022
In onCreate of DevicePickerFragment.java, there is a possible way to trick the user to select an... High Unreviewed
CVE-2021-0586 was published May 24, 2022
In onCreate of WiFiInstaller.java, there is a possible way to install a malicious Hotspot 2.0... High Unreviewed
CVE-2021-0537 was published May 24, 2022
In onCreate of EmergencyCallbackModeExitDialog.java, there is a possible exit of emergency... High Unreviewed
CVE-2021-0538 was published May 24, 2022
In ActivityPicker.java, there is a possible bypass of user interaction in intent resolution due... High Unreviewed
CVE-2021-0506 was published May 24, 2022
In onCreate of WifiScanModeActivity.java, there is a possible way to enable Wi-Fi scanning... High Unreviewed
CVE-2021-0523 was published May 24, 2022
A UI misrepresentation vulnerability was identified in GitHub Enterprise Server that allowed more... High Unreviewed
CVE-2021-22866 was published May 24, 2022
A vulnerability in the web UI feature of Cisco IOS XE Software could allow an unauthenticated,... High Unreviewed
CVE-2021-1403 was published May 24, 2022
When accepting a malicious intent from other installed apps, Firefox for Android accepted... High Unreviewed
CVE-2021-23976 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database