GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
164 advisories
Inappropriate implementation in Downloads in Google Chrome prior to 125.0.6422.60 allowed a...
Moderate
Unreviewed
CVE-2024-4950
was published
May 15, 2024
IBM InfoSphere Information Server 11.7 could allow a remote attacker to hijack the clicking...
Moderate
Unreviewed
CVE-2021-29827
was published
Dec 19, 2024
A malicious website could have used a combination of exiting fullscreen mode and ...
Moderate
Unreviewed
CVE-2024-1550
was published
Feb 20, 2024
A crafted URL containing Arabic script and whitespace characters could have hidden the true...
Moderate
Unreviewed
CVE-2024-11695
was published
Nov 26, 2024
Telegram v9.6.3 on iOS allows attackers to hide critical information on the User Interface via...
Moderate
Unreviewed
CVE-2023-34658
was published
Jun 29, 2023
Under certain circumstances, navigating to a webpage would result in the address missing from the...
Moderate
Unreviewed
CVE-2024-53976
was published
Nov 26, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 17.2 prior to 17.3.7...
Moderate
Unreviewed
CVE-2024-7404
was published
Nov 14, 2024
Inappropriate implementation in Compositing in Google Chrome prior to 119.0.6045.105 allowed a...
Moderate
Unreviewed
CVE-2023-7013
was published
Jul 17, 2024
Clickjacking vulnerability in Clibo Manager v1.1.9.12 in the '/public/#' directory, a login...
Moderate
Unreviewed
CVE-2024-10454
was published
Oct 31, 2024
Multiple prompts and panels from both Firefox and the Android OS could be used to obscure the...
Moderate
Unreviewed
CVE-2024-8388
was published
Sep 3, 2024
Select options could obscure the fullscreen notification dialog. This could be used by a...
Moderate
Unreviewed
CVE-2024-7518
was published
Aug 6, 2024
Sametime is impacted by lack of clickjacking protection in Outlook add-in. The application is not...
Moderate
Unreviewed
CVE-2023-45698
was published
Feb 10, 2024
A missing delay in directory upload UI could have made it possible for an attacker to trick a...
Moderate
Unreviewed
CVE-2024-9397
was published
Oct 1, 2024
By manipulating the fullscreen feature while opening a data-list, an attacker could have overlaid...
Moderate
Unreviewed
CVE-2024-5698
was published
Jun 11, 2024
The issue was addressed with improved UI handling. This issue is fixed in macOS Sonoma 14.6,...
Moderate
Unreviewed
CVE-2024-40817
was published
Jul 30, 2024
A Cross Window Forgery vulnerability exists within GitLab CE/EE affecting all versions from 16.3...
Moderate
Unreviewed
CVE-2024-2177
was published
Jul 9, 2024
IBM Sterling B2B Integrator Standard Edition 6.1 and 6.2 does not restrict or incorrectly...
Moderate
Unreviewed
CVE-2023-42011
was published
Jun 27, 2024
Microsoft Edge for Android Spoofing Vulnerability
Moderate
Unreviewed
CVE-2024-26167
was published
Mar 7, 2024
Improper Restriction of Rendered UI Layers or Frames vulnerability in Automattic Jetpack allows...
Moderate
Unreviewed
CVE-2023-47774
was published
Apr 24, 2024
An unauthenticated remote attacker can deceive users into performing unintended actions due to...
Moderate
Unreviewed
CVE-2024-3911
was published
Apr 23, 2024
NetApp Snap Creator Framework before 4.3P1 allows remote authenticated users to conduct...
Moderate
Unreviewed
CVE-2016-5710
was published
May 24, 2022
Microsoft Edge (Chromium-based) Spoofing Vulnerability
Moderate
Unreviewed
CVE-2024-29981
was published
Apr 5, 2024
Improper Restriction of Rendered UI Layers or Frames in RDT400 in SICK APU allows an unprivileged...
Moderate
Unreviewed
CVE-2023-5103
was published
Oct 9, 2023
Palantir Gotham was found to be vulnerable to a bug where under certain circumstances, the...
Moderate
Unreviewed
CVE-2023-30961
was published
Sep 27, 2023
A vulnerability has been identified in ioLogik 4000 Series (ioLogik E4200) firmware versions v1.6...
Moderate
Unreviewed
CVE-2023-4229
was published
Aug 24, 2023
ProTip! Advisories are also available from the GraphQL API.