GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
222 advisories
In onCreate of RequestManageCredentials.java, there is a possible way for a third party app to...
High | Unreviewed | CVE-2021-39702 was published Mar 17, 2022
In onCreate of SetupLayoutActivity.java, there is a possible way to setup a work profile...
High | Unreviewed | CVE-2021-39692 was published Mar 17, 2022
The DuckDuckGo browser 7.64.4 on iOS allows Address Bar Spoofing due to mishandling of the...
High | Unreviewed | CVE-2021-44683 was published Mar 27, 2022
In JetBrains YouTrack before 2022.1.43563 it was possible to include an iframe from a third-party...
Moderate | Unreviewed | CVE-2022-28649 was published Apr 6, 2022
In HarmfulAppWarningActivity of HarmfulAppWarningActivity.java, there is a possible way to trick...
High | Unreviewed | CVE-2021-39796 was published Apr 13, 2022
The web server in the Teradici Management console versions 20.04 and 20.01.1 did not properly set...
Moderate | Unreviewed | CVE-2020-13174 was published May 24, 2022
A vulnerability in the web UI feature of Cisco IOS XE Software could allow an unauthenticated,...
High | Unreviewed | CVE-2021-1403 was published May 24, 2022
A vulnerability was found in Ucweb UC Browser 11.2.5.932. It has been classified as critical....
Moderate | Unreviewed | CVE-2017-20041 was published Jun 14, 2022
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0 SP2)....
Moderate | Unreviewed | CVE-2022-27219 was published Jun 15, 2022
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0 SP2)....
Moderate | Unreviewed | CVE-2022-27220 was published Jun 15, 2022
In WindowManager, there is a possible tapjacking attack due to an incorrect window flag when...
High | Unreviewed | CVE-2021-39691 was published Jun 16, 2022
IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could allow a remote attacker to...
Moderate | Unreviewed | CVE-2021-29865 was published Jun 25, 2022
In finishDrawingWindow of WindowManagerService.java, there is a possible tapjacking due to...
Low | Unreviewed | CVE-2022-20226 was published Jul 14, 2022
In wifi.RequestToggleWifiActivity of AndroidManifest.xml, there is a possible EoP due to a...
High | Unreviewed | CVE-2022-20212 was published Jul 14, 2022
The X-Frame-Options header in Rockwell Automation MicroLogix 1100/1400 Versions 21.007 and prior...
Moderate | Unreviewed | CVE-2022-2179 was published Jul 21, 2022
IBM CICS TX 11.1 could allow a remote attacker to hijack the clicking action of the victim. By...
Moderate | Unreviewed | CVE-2022-34162 was published Aug 2, 2022
If a custom mouse cursor is specified in CSS, under certain circumstances the cursor could have...
Moderate | Unreviewed | CVE-2022-45418 was published Dec 22, 2022
Service Workers did not detect Private Browsing Mode correctly in all cases, which could have led...
Moderate | Unreviewed | CVE-2022-45417 was published Dec 22, 2022
Using tables inside of an iframe, an attacker could have caused iframe contents to be rendered...
Moderate | Unreviewed | CVE-2022-45420 was published Dec 22, 2022
An improper implementation of the new iframe sandbox keyword allow-top-navigation-by-user...
Moderate | Unreviewed | CVE-2022-29911 was published Dec 22, 2022
SmartBear CodeCollaborator v6.1.6102 was discovered to contain a vulnerability in the web UI...
Moderate | Unreviewed | CVE-2021-41657 was published Mar 11, 2022
Improper Restriction of Rendered UI Layers or Frames in GitHub repository polonel/trudesk prior...
Moderate | Unreviewed | CVE-2022-1803 was published May 21, 2022
IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, and 1.0.2 could allow a remote attacker to...
Moderate | Unreviewed | CVE-2019-4217 was published May 24, 2022
The response header has not enabled X-FRAME-OPTIONS, which helps prevent Clickjacking...
Moderate | Unreviewed | CVE-2022-3260 was published Dec 8, 2022
IBM WebSphere Application Server - Liberty Admin Center could allow a remote attacker to hijack...
Moderate | Unreviewed | CVE-2019-4285 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.