Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,360
Erlang
33
GitHub Actions
22
Go
2,127
Maven
5,000+
npm
3,793
NuGet
683
pip
3,471
Pub
12
RubyGems
894
Rust
894
Swift
38
Unreviewed advisories
All unreviewed
5,000+

249 advisories

Loading
Insufficient policy enforcement in WebUI in Google Chrome prior to 87.0.4280.141 allowed an... Critical Unreviewed
CVE-2021-21111 was published May 24, 2022
IBM Spectrum Protect Plus 10.1.0 through 10.1.6 could allow a remote attacker to hijack the... Moderate Unreviewed
CVE-2020-5020 was published May 24, 2022
Insufficient data validation in sharing in Google Chrome prior to 87.0.4280.66 allowed a remote... Moderate Unreviewed
CVE-2020-16032 was published May 24, 2022
Inappropriate implementation in WebUSB in Google Chrome prior to 87.0.4280.66 allowed a remote... Moderate Unreviewed
CVE-2020-16033 was published May 24, 2022
Insufficient data validation in UI in Google Chrome prior to 87.0.4280.66 allowed a remote... Moderate Unreviewed
CVE-2020-16031 was published May 24, 2022
Vidyo 02-09-/D allows clickjacking via the portal/ URI. Moderate Unreviewed
CVE-2020-35735 was published May 24, 2022
A CWE-1021: Improper Restriction of Rendered UI Layers or Frames vulnerability exists in Easergy... Moderate Unreviewed
CVE-2020-28218 was published May 24, 2022
The issue was addressed with improved UI handling. This issue is fixed in watchOS 7.0, Safari 14... Moderate Unreviewed
CVE-2020-9993 was published May 24, 2022
An inconsistent user interface issue was addressed with improved state management. This issue is... Moderate Unreviewed
CVE-2020-9987 was published May 24, 2022
A spoofing issue existed in the handling of URLs. This issue was addressed with improved input... Moderate Unreviewed
CVE-2020-9945 was published May 24, 2022
An inconsistent user interface issue was addressed with improved state management. This issue is... Moderate Unreviewed
CVE-2020-9942 was published May 24, 2022
Cross-origin iframes that contained a login form could have been recognized by the login autofill... Moderate Unreviewed
CVE-2020-26962 was published May 24, 2022
It was possible to cause the browser to enter fullscreen mode without displaying the security UI;... Moderate Unreviewed
CVE-2020-26953 was published May 24, 2022
EC-CUBE Improper Restriction of Rendered UI Layers or Frames Moderate
CVE-2020-5679 was published for ec-cube/ec-cube (Composer) May 24, 2022
IBM App Connect Enterprise Certified Container 1.0.0, 1.0.1, 1.0.2, 1.0.3, and 1.0.4 could allow... Moderate Unreviewed
CVE-2020-4785 was published May 24, 2022
This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in Safari... Moderate Unreviewed
CVE-2019-8771 was published May 24, 2022
User Interface (UI) Misrepresentation of Critical Information vulnerability in the address bar of... Moderate Unreviewed
CVE-2020-7371 was published May 24, 2022
A vulnerability has been identified in Desigo Insight (All versions). The device does not... Moderate Unreviewed
CVE-2020-15793 was published May 24, 2022
This affects the package MintegralAdSDK from 0.0.0. The SDK distributed by the company contains... High Unreviewed
CVE-2020-7705 was published May 24, 2022
The web server in the Teradici Managament console versions 20.04 and 20.01.1 did not properly set... Moderate Unreviewed
CVE-2020-13174 was published May 24, 2022
Western Digital My Cloud Home and ibi devices before 2.2.0 allow clickjacking on sign-in pages. Moderate Unreviewed
CVE-2020-10951 was published May 24, 2022
For ABB eSOMS versions 4.0 to 6.0.2, the X-Frame-Options header is not configured in HTTP... Moderate Unreviewed
CVE-2019-19001 was published May 24, 2022
A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) ... Moderate Unreviewed
CVE-2019-13924 was published May 24, 2022
NetApp Snap Creator Framework before 4.3P1 allows remote authenticated users to conduct... Moderate Unreviewed
CVE-2016-5710 was published May 24, 2022
Jenkins REST APIs vulnerable to clickjacking Low
CVE-2020-2105 was published for org.jenkins-ci.main:jenkins-core (Maven) May 24, 2022
NotMyFault
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database