GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
175 advisories
Inappropriate implementation in Browser UI in Google Chrome on Android prior to 134.0.6998.35...
Moderate
Unreviewed
CVE-2025-1917 was published Mar 5, 2025
Inappropriate implementation in Permission Prompts in Google Chrome prior to 134.0.6998.35...
Moderate
Unreviewed
CVE-2025-1923 was published Mar 5, 2025
IBM ApplinX 11.1 could allow a remote attacker to hijack the clicking action of the victim. By...
Moderate
Unreviewed
CVE-2024-49796 was published Feb 6, 2025
SAP Commerce (Backoffice) uses the deprecated X-FRAME-OPTIONS header to protect against...
Moderate
Unreviewed
CVE-2025-24874 was published Feb 11, 2025
The z-order of the browser windows could be manipulated to hide the fullscreen notification. This...
Moderate
Unreviewed
CVE-2025-1019 was published Feb 4, 2025
Clickjacking vulnerability in typecho v1.2.1.
Moderate
Unreviewed
CVE-2024-57369 was published Jan 17, 2025
NEC Corporation's WebSAM DeploymentManager v6.0 to v6.80 allows an attacker to reset...
Moderate
Unreviewed
CVE-2024-6466 was published Jan 21, 2025
A background script invoking requestFullscreen and then blocking the main thread...
Moderate
Unreviewed
CVE-2023-25730 was published Jun 2, 2023
By displaying a prompt with a long description, the fullscreen notification could have been...
Moderate
Unreviewed
CVE-2023-25748 was published Jun 2, 2023
The fullscreen notification could have been hidden on Firefox for Android by using download...
Moderate
Unreviewed
CVE-2023-28159 was published Jun 2, 2023
An issue has been discovered in GitLab CE/EE affecting all versions starting from 1.2 before 15...
Moderate
Unreviewed
CVE-2023-2013 was published Jun 7, 2023
Inappropriate implementation in Downloads in Google Chrome prior to 125.0.6422.60 allowed a...
Moderate
Unreviewed
CVE-2024-4950 was published May 15, 2024
IBM InfoSphere Information Server 11.7 could allow a remote attacker to hijack the clicking...
Moderate
Unreviewed
CVE-2021-29827 was published Dec 19, 2024
A malicious website could have used a combination of exiting fullscreen mode and ...
Moderate
Unreviewed
CVE-2024-1550 was published Feb 20, 2024
A crafted URL containing Arabic script and whitespace characters could have hidden the true...
Moderate
Unreviewed
CVE-2024-11695 was published Nov 26, 2024
Telegram v9.6.3 on iOS allows attackers to hide critical information on the User Interface via...
Moderate
Unreviewed
CVE-2023-34658 was published Jun 29, 2023
Under certain circumstances, navigating to a webpage would result in the address missing from the...
Moderate
Unreviewed
CVE-2024-53976 was published Nov 26, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 17.2 prior to 17.3.7...
Moderate
Unreviewed
CVE-2024-7404 was published Nov 14, 2024
Inappropriate implementation in Compositing in Google Chrome prior to 119.0.6045.105 allowed a...
Moderate
Unreviewed
CVE-2023-7013 was published Jul 17, 2024
Clickjacking vulnerability in Clibo Manager v1.1.9.12 in the '/public/login' directory, a login...
Moderate
Unreviewed
CVE-2024-10454 was published Oct 31, 2024
Multiple prompts and panels from both Firefox and the Android OS could be used to obscure the...
Moderate
Unreviewed
CVE-2024-8388 was published Sep 3, 2024
Select options could obscure the fullscreen notification dialog. This could be used by a...
Moderate
Unreviewed
CVE-2024-7518 was published Aug 6, 2024
Sametime is impacted by lack of clickjacking protection in Outlook add-in. The application is not...
Moderate
Unreviewed
CVE-2023-45698 was published Feb 10, 2024
A missing delay in directory upload UI could have made it possible for an attacker to trick a...
Moderate
Unreviewed
CVE-2024-9397 was published Oct 1, 2024
By manipulating the fullscreen feature while opening a data-list, an attacker could have overlaid...
Moderate
Unreviewed
CVE-2024-5698 was published Jun 11, 2024
ProTip! Advisories are also available from the GraphQL API.