Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,726
Maven
5,000+
npm
4,331
NuGet
763
pip
4,107
Pub
12
RubyGems
960
Rust
1,068
Swift
45
Unreviewed advisories
All unreviewed
5,000+

2,887 advisories

Loading
phpMyFAQ vulnerable to Cross-site Scripting Moderate
CVE-2022-4408 was published for thorsten/phpmyfaq (Composer) Dec 11, 2022
NukeView CMS vulnerable to Cross-site Scripting Moderate
CVE-2022-3975 was published for nukeviet/nukeviet (Composer) Nov 13, 2022
YetiForce CRM vulnerable to stored Cross-site Scripting Moderate
CVE-2022-3002 was published for yetiforce/yetiforce-crm (Composer) Oct 6, 2022
Awesome Support vulnerable to persistent cross-site scripting Moderate
CVE-2022-38073 was published for awesome-support/awesome-support (Composer) Sep 22, 2022
Microweber's title parameter in the body of POST request vulnerable to stored XSS Moderate
CVE-2022-2777 was published for microweber/microweber (Composer) Aug 12, 2022
phpMyFAQ vulnerable to Cross-site Scripting Moderate
CVE-2022-4407 was published for thorsten/phpmyfaq (Composer) Dec 11, 2022
Cross-site scripting vulnerability in TinyMCE alerts Moderate
CVE-2022-23494 was published for TinyMCE (Composer) Dec 8, 2022
P4rkJW
Credited to P4rkJW
Pimcore vulnerable to stored stored Cross-site Scripting via`properties` when creating new users Moderate
CVE-2022-3211 was published for pimcore/pimcore (Composer) Sep 16, 2022
Cross site scripting in dolibarr Moderate
CVE-2022-22293 was published for dolibarr/dolibarr (Composer) Jan 3, 2022
Cross site scripting in yetiforce/yetiforce-crm Moderate
CVE-2022-2885 was published for yetiforce/yetiforce-crm (Composer) Aug 22, 2022
Cross site scripting in yetiforce/yetiforce-crm Moderate
CVE-2022-2890 was published for yetiforce/yetiforce-crm (Composer) Aug 23, 2022
NotrinosERP Cross-site Scripting vulnerability Moderate
CVE-2022-2871 was published for notrinos/notrinos-erp (Composer) Aug 18, 2022
Cross site scripting in yetiforce/yetiforce-crm Moderate
CVE-2022-1340 was published for yetiforce/yetiforce-crm (Composer) Aug 23, 2022
Cross site scripting in getkirby/starterkit Moderate
CVE-2022-35174 was published for getkirby/starterkit (Composer) Aug 19, 2022
FeehiCMS Cross Site Scripting vulnerability Moderate
CVE-2022-40000 was published for feehi/feehicms (Composer) Dec 15, 2022
FeehiCMS Cross Site Scripting vulnerability Moderate
CVE-2022-40373 was published for feehi/feehicms (Composer) Dec 15, 2022
FeehiCMS Unrestricted Upload vulnerability Moderate
CVE-2021-36573 was published for feehi/feehicms (Composer) Dec 15, 2022
FeehiCMS vulnerable to Cross Site Scripting Moderate
CVE-2020-20589 was published for feehi/feehicms (Composer) Dec 15, 2022
FeehiCMS Cross Site Scripting vulnerability Moderate
CVE-2021-36572 was published for feehi/feehicms (Composer) Dec 15, 2022
FeehiCMS Cross Site Scripting vulnerability Moderate
CVE-2022-40001 was published for feehi/feehicms (Composer) Dec 15, 2022
FeehiCMS Cross Site Scripting vulnerability Moderate
CVE-2022-40002 was published for feehi/feehicms (Composer) Dec 15, 2022
FeehiCMS Cross Site Scripting vulnerability Moderate
CVE-2020-36607 was published for feehi/feehicms (Composer) Dec 15, 2022
Improper Authorization in dolibarr/dolibarr Moderate
CVE-2022-0731 was published for dolibarr/dolibarr (Composer) Feb 24, 2022
Cross-site scripting in Dolibarr Moderate
CVE-2019-16197 was published for dolibarr/dolibarr (Composer) Nov 8, 2019
DoS vulnerability in MaliciousCode filter Moderate
CVE-2023-23617 was published for openmage/magento-lts (Composer) Jan 27, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database