Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,324
Erlang
31
GitHub Actions
21
Go
2,084
Maven
5,000+
npm
3,747
NuGet
674
pip
3,436
Pub
12
RubyGems
892
Rust
881
Swift
37
Unreviewed advisories
All unreviewed
5,000+

157 advisories

Loading
A vulnerability was found in TrueConf Server 4.3.7. It has been classified as problematic.... Moderate Unreviewed
CVE-2017-20116 was published Jun 30, 2022
A vulnerability was found in TrueConf Server 4.3.7. It has been rated as problematic. Affected by... Moderate Unreviewed
CVE-2017-20118 was published Jun 30, 2022
A vulnerability was found in TrueConf Server 4.3.7. It has been declared as problematic. Affected... Moderate Unreviewed
CVE-2017-20117 was published Jun 30, 2022
A vulnerability has been identified in SCALANCE S602 (All versions >= V3.0), SCALANCE S612 (All... Moderate Unreviewed
CVE-2019-6585 was published May 24, 2022
LeafKit allows XSS with untrusted user input Moderate
CVE-2021-37634 was published for github.com/vapor/leaf-kit (Swift) Jun 9, 2023
alextrob
Cross-Site Scripting in forms Moderate
CVE-2017-16015 was published for forms (npm) Nov 9, 2018
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in... Moderate Unreviewed
CVE-2021-44196 was published Mar 7, 2023
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in... Moderate Unreviewed
CVE-2021-44197 was published Mar 7, 2023
Apache Tomcat allows webmasters to insert xss into error messages Moderate
CVE-2001-0829 was published for org.apache.tomcat:tomcat (Maven) Apr 30, 2022
Apache Struts Cross-site scripting Vulnerability Moderate
CVE-2005-3745 was published for org.apache.struts:struts-core (Maven) May 1, 2022
Apache Tomcat's CookieExample Vulnerable to XSS Moderate
CVE-2007-3384 was published for org.apache.tomcat:tomcat (Maven) May 1, 2022
Apache Tomcat SendMailServlet XSS Moderate
CVE-2007-3383 was published for org.apache.tomcat:tomcat (Maven) May 1, 2022
A vulnerability, which was classified as problematic, has been found in ZZZCMS 2.2.0. This issue... Moderate Unreviewed
CVE-2023-5582 was published Oct 14, 2023
matrix-react-sdk vulnerable to XSS in Export Chat feature Moderate
CVE-2023-37259 was published for matrix-react-sdk (npm) Jul 18, 2023
Craft CMS stored XSS in indexedVolumes Moderate
CVE-2023-33197 was published for craftcms/cms (Composer) May 26, 2023
WhiteBearVN
Craft CMS stored XSS in review volume Moderate
CVE-2023-33196 was published for craftcms/cms (Composer) May 26, 2023
WhiteBearVN
Critters Cross-site Scripting Vulnerability Moderate
CVE-2023-3481 was published for critters (npm) Aug 11, 2023
go package pydio cells vulnerable to cross-site scripting Moderate
CVE-2023-2981 was published for github.com/pydio/cells (Go) May 30, 2023
HTML Injection in Keycloak Admin REST API Moderate
CVE-2022-1274 was published for org.keycloak:keycloak-services (Maven) Mar 1, 2023
The Elementor Website Builder WordPress plugin before 3.5.5 does not filter out user-controlled... Moderate Unreviewed
CVE-2022-4953 was published Aug 14, 2023
A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Cisco... Moderate Unreviewed
CVE-2023-20222 was published Aug 17, 2023
A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow... Moderate Unreviewed
CVE-2023-20257 was published Jan 17, 2024
A vulnerability in web-based management interface of Cisco SPA500 Series Analog Telephone... Moderate Unreviewed
CVE-2023-20218 was published Aug 4, 2023
A vulnerability in the web-based management interface of Cisco Small Business SPA500 Series IP... Moderate Unreviewed
CVE-2023-20181 was published Aug 4, 2023
A vulnerability in the web-based management interface of Cisco Integrated Management Controller ... Moderate Unreviewed
CVE-2023-20228 was published Aug 16, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database