Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,168
Erlang
30
GitHub Actions
19
Go
1,975
Maven
5,000+
npm
3,698
NuGet
654
pip
3,314
Pub
11
RubyGems
882
Rust
831
Swift
35
Unreviewed advisories
All unreviewed
5,000+

225 advisories

Loading
An Improper Restriction of Rendered UI Layers or Frames in the Schweitzer Engineering... Moderate Unreviewed
CVE-2023-2265 was published Nov 30, 2023
If an attacker needed a user to load an insecure http: page and knew that user had enabled HTTPS... Moderate Unreviewed
CVE-2023-6211 was published Nov 21, 2023
The black fade animation when exiting fullscreen is roughly the length of the anti-clickjacking... Moderate Unreviewed
CVE-2023-6206 was published Nov 21, 2023
An issue in Yamcs 5.8.6 allows attackers to send aribitrary telelcommands in a Command Stack via... Moderate Unreviewed
CVE-2023-47311 was published Nov 20, 2023
A flaw was found in Quay. Clickjacking is when an attacker uses multiple transparent or opaque... Moderate Unreviewed
CVE-2023-4956 was published Nov 7, 2023
In SAP Enable Now - versions WPB_MANAGER 1.0, WPB_MANAGER_CE 10, WPB_MANAGER_HANA 10,... Moderate Unreviewed
CVE-2023-36920 was published Oct 30, 2023
It was possible for certain browser prompts and dialogs to be activated or dismissed... Moderate Unreviewed
CVE-2023-5721 was published Oct 25, 2023
Improper Restriction of Rendered UI Layers or Frames in RDT400 in SICK APU allows an unprivileged... Moderate Unreviewed
CVE-2023-5103 was published Oct 9, 2023
Economizzer vulnerable to Clickjacking Moderate
CVE-2023-38873 was published for gugoan/economizzer (Composer) Sep 28, 2023
Palantir Gotham was found to be vulnerable to a bug where under certain circumstances, the... Moderate Unreviewed
CVE-2023-30961 was published Sep 27, 2023
A vulnerability has been identified in ioLogik 4000 Series (ioLogik E4200) firmware versions v1.6... Moderate Unreviewed
CVE-2023-4229 was published Aug 24, 2023
The permission request prompt from the site in the background tab was overlaid on top of the site... Moderate Unreviewed
CVE-2023-37455 was published Jul 12, 2023
A CWE-1021: Improper Restriction of Rendered UI Layers or Frames vulnerability exists that... Moderate Unreviewed
CVE-2022-43378 was published Jul 6, 2023
A CWE-1021: Improper Restriction of Rendered UI Layers or Frames vulnerability exists that could... Moderate Unreviewed
CVE-2022-32517 was published Jul 6, 2023
In hasInputInfo of Layer.cpp, there is a possible bypass of user interaction requirements due to... High Unreviewed
CVE-2022-20443 was published Jun 28, 2023
A clickjacking vulnerability in the HCL BigFix OSD Bare Metal Server version 311.12 or lower... Moderate Unreviewed
CVE-2023-23343 was published Jun 23, 2023
Missing HTTP headers (X-Frame-Options, Content-Security-Policy) in KNIME Business Hub before 1.4... Moderate Unreviewed
CVE-2023-3140 was published Jun 7, 2023
Improper Restriction of Rendered UI Layers or Frames in GitHub repository unilogies/bumsys prior... Moderate Unreviewed
CVE-2023-1362 was published Mar 13, 2023
The issue was addressed with improved UI handling. This issue is fixed in Safari 16, tvOS 16,... Moderate Unreviewed
CVE-2022-32891 was published Feb 27, 2023
Improper Restriction of Rendered UI Layers or Frames in cockpit-hq/cockpit Moderate
CVE-2023-0780 was published for cockpit-hq/cockpit (Composer) Feb 11, 2023
Improper Restriction of Rendered UI Layers or Frames vulnerability in Mitsubishi Electric... Moderate Unreviewed
CVE-2022-40268 was published Feb 2, 2023
Connectwise Automate 2022.11 is vulnerable to Clickjacking. The login screen can be iframed and... Moderate Unreviewed
CVE-2023-23126 was published Feb 1, 2023
Dell PowerScale OneFS, 8.2.0 through 9.3.0, contain an User Interface Security Issue. An... Moderate Unreviewed
CVE-2022-45096 was published Feb 1, 2023
In Car Settings app, the toggle button in Modify system settings is vulnerable to tapjacking... Moderate Unreviewed
CVE-2022-20214 was published Jan 26, 2023
In onCreate of MasterClearConfirmFragment.java, there is a possible factory reset due to a... Moderate Unreviewed
CVE-2022-20215 was published Jan 26, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database