Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,347
Erlang
31
GitHub Actions
22
Go
2,117
Maven
5,000+
npm
3,768
NuGet
680
pip
3,457
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

247 advisories

Loading
A flaw was found in Quay. Clickjacking is when an attacker uses multiple transparent or opaque... Moderate Unreviewed
CVE-2023-4956 was published Nov 7, 2023
An issue in Yamcs 5.8.6 allows attackers to send aribitrary telelcommands in a Command Stack via... Moderate Unreviewed
CVE-2023-47311 was published Nov 20, 2023
The black fade animation when exiting fullscreen is roughly the length of the anti-clickjacking... Moderate Unreviewed
CVE-2023-6206 was published Nov 21, 2023
If an attacker needed a user to load an insecure http: page and knew that user had enabled HTTPS... Moderate Unreviewed
CVE-2023-6211 was published Nov 21, 2023
An Improper Restriction of Rendered UI Layers or Frames in the Schweitzer Engineering... Moderate Unreviewed
CVE-2023-2265 was published Nov 30, 2023
In Red Hat Advanced Cluster Security (RHACS), it was found that some security related HTTP... Moderate Unreviewed
CVE-2023-4958 was published Dec 12, 2023
The timing of a button click causing a popup to disappear was approximately the same length as... Moderate Unreviewed
CVE-2023-6867 was published Dec 19, 2023
A vulnerability has been identified in OnCell G3150A-LTE Series firmware versions v1.3 and prior... Moderate Unreviewed
CVE-2023-6093 was published Dec 31, 2023
The issue was addressed with improved UI handling. This issue is fixed in iOS 16.2 and iPadOS 16... Moderate Unreviewed
CVE-2022-32919 was published Jan 11, 2024
Cross-Frame Scripting vulnerability has been found on Plone CMS High
CVE-2024-0669 was published for Plone (pip) Jan 18, 2024
Implicit intent hijacking vulnerability in Smart Suggestions prior to SMR Feb-2024 Release 1... Low Unreviewed
CVE-2024-20810 was published Feb 6, 2024
Sametime is impacted by lack of clickjacking protection in Outlook add-in. The application is not... Moderate Unreviewed
CVE-2023-45698 was published Feb 10, 2024
A malicious website could have used a combination of exiting fullscreen mode and ... Moderate Unreviewed
CVE-2024-1550 was published Feb 20, 2024
Vulnerability whereby an attacker could send a malicious link to an authenticated operator, which... Moderate Unreviewed
CVE-2024-1890 was published Feb 26, 2024
Microsoft Edge for Android Spoofing Vulnerability Moderate Unreviewed
CVE-2024-26167 was published Mar 7, 2024
Data was not properly sanitized when decoding a QUIC ACK frame; this could have led to... High Unreviewed
CVE-2024-2613 was published Mar 19, 2024
Microsoft Edge (Chromium-based) Spoofing Vulnerability Moderate Unreviewed
CVE-2024-29981 was published Apr 5, 2024
An unauthenticated remote attacker can deceive users into performing unintended actions due to... Moderate Unreviewed
CVE-2024-3911 was published Apr 23, 2024
Improper Restriction of Rendered UI Layers or Frames vulnerability in Automattic Jetpack allows... Moderate Unreviewed
CVE-2023-47774 was published Apr 24, 2024
Inappropriate implementation in Downloads in Google Chrome prior to 125.0.6422.60 allowed a... Moderate Unreviewed
CVE-2024-4950 was published May 15, 2024
Clickjacking in zenml Moderate
CVE-2024-2383 was published for zenml (pip) Jun 6, 2024
By manipulating the fullscreen feature while opening a data-list, an attacker could have overlaid... Moderate Unreviewed
CVE-2024-5698 was published Jun 11, 2024
LB-LINK BL-W1210M v2.0 was discovered to contain a clickjacking vulnerability via the... High Unreviewed
CVE-2024-33377 was published Jun 14, 2024
IBM Sterling B2B Integrator Standard Edition 6.1 and 6.2 does not restrict or incorrectly... Moderate Unreviewed
CVE-2023-42011 was published Jun 27, 2024
A Cross Window Forgery vulnerability exists within GitLab CE/EE affecting all versions from 16.3... Moderate Unreviewed
CVE-2024-2177 was published Jul 9, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database