GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,990
Composer 4,293
Erlang 31
GitHub Actions 21
Go 2,061
Maven 5,239
npm 3,744
NuGet 668
pip 3,423
Pub 12
RubyGems 892
Rust 875
Swift 36

Unreviewed advisories

All unreviewed 239,462

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

49 advisories

Filter by severity

Sort by

Least recently updated

In hide of WindowState.java, there is a possible way to bypass tapjacking/overlay protection by... High Unreviewed

CVE-2024-31324 was published Jul 9, 2024

In onCreate of multiple files, there is a possible way to trick the user into granting health... High Unreviewed

CVE-2024-31323 was published Jul 9, 2024

In setTransactionState of SurfaceFlinger.cpp, there is a possible way to perform tapjacking due... High Unreviewed

CVE-2024-34743 was published Aug 16, 2024

Malicious websites may have been able to user intent confirmation through tapjacking. This could... High Unreviewed

CVE-2024-11700 was published Nov 26, 2024

LB-LINK BL-W1210M v2.0 was discovered to contain a clickjacking vulnerability via the... High Unreviewed

CVE-2024-33377 was published Jun 14, 2024

A select option could partially obscure security prompts. This could be used by a malicious site... High Unreviewed

CVE-2024-7523 was published Aug 6, 2024

Data was not properly sanitized when decoding a QUIC ACK frame; this could have led to... High Unreviewed

CVE-2024-2613 was published Mar 19, 2024

In hasInputInfo of Layer.cpp, there is a possible bypass of user interaction requirements due to... High Unreviewed

CVE-2022-20443 was published Jun 28, 2023

This affects the package MintegralAdSDK from 0.0.0. The SDK distributed by the company contains... High Unreviewed

CVE-2020-7705 was published May 24, 2022

In onCreate of PhoneAccountSettingsActivity.java and related files, there is a possible way to... High Unreviewed

CVE-2023-20913 was published Jan 26, 2023

In onCreate of InstallCaCertificateWarning.java, there is a possible way to mislead an user about... High Unreviewed

CVE-2021-39669 was published Feb 12, 2022

In LocationSettingsActivity of AndroidManifest.xml, there is a possible EoP due to a tapjacking... High Unreviewed

CVE-2021-1036 was published Jan 15, 2022

In Ultimaker S3 3D printer, Ultimaker S5 3D printer, Ultimaker 3 3D printer S-line through 6.3... High Unreviewed

CVE-2021-34087 was published Jan 11, 2022

A CWE-1021 Improper Restriction of Rendered UI Layers or Frames vulnerability exists that could... High Unreviewed

CVE-2022-22807 was published Feb 11, 2022

In computeFocusedWindow of RootWindowContainer.java, and related functions, there is possible... High Unreviewed

CVE-2018-9458 was published May 13, 2022

In functionality implemented in System UI, there are insufficient protections implemented around... High Unreviewed

CVE-2018-9524 was published May 13, 2022

In ResolverActivity, there is a possible user interaction bypass due to a tapjacking/overlay... High Unreviewed

CVE-2021-0954 was published Dec 16, 2021

In onCreate of KeyChainActivity.java, there is a possible way to use an app certificate stored in... High Unreviewed

CVE-2021-0963 was published Dec 16, 2021

In onCreate of UsbPermissionActivity.java, there is a possible way to grant an app access to USB... High Unreviewed

CVE-2021-1016 was published Dec 16, 2021

In NotificationAccessActivity of AndroidManifest.xml, there is a possible EoP due to a tapjacking... High Unreviewed

CVE-2021-1039 was published Dec 16, 2021

In onCreate of BluetoothPairingSelectionFragment.java, there is a possible EoP due to a... High Unreviewed

CVE-2021-1040 was published Dec 16, 2021

In PrestaShop through 1.7.2.5, a UI-Redressing/Clickjacking vulnerability was found that might... High Unreviewed

CVE-2018-7491 was published May 13, 2022

When the RSS Feed preview about:feeds page is framed within another page, it can be used in... High Unreviewed

CVE-2018-18496 was published May 13, 2022

In several functions of inputDispatcher.cpp, there is a possible way to make toasts clickable due... High Unreviewed

CVE-2022-20444 was published Dec 13, 2022

In onCreate of EnableAccountPreferenceActivity.java, there is a possible way to mislead the user... High Unreviewed

CVE-2022-20501 was published Dec 13, 2022

Previous 1 2 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

49 advisories