Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

635 advisories

Loading
Apache OpenMeetings Cross-site Scripting vulnerability Moderate
CVE-2016-3089 was published for org.apache.openmeetings:openmeetings-parent (Maven) May 14, 2022
WSO2 Carbon vulnerable to Cross-site Scripting Moderate
CVE-2016-4316 was published for org.wso2.carbon.commons:org.wso2.carbon.messageflows.ui (Maven) May 14, 2022
Improper Neutralization of Input During Web Page Generation Apache Sling Servlets Post Moderate
CVE-2017-9802 was published for org.apache.sling:org.apache.sling.servlets.post (Maven) May 14, 2022
Improper Neutralization of Input During Web Page Generation in Apache Axis2 Moderate
CVE-2010-2103 was published for org.apache.axis2.wso2:axis2 (Maven) May 14, 2022
Improper Neutralization of Input During Web Page Generation in Apache Tomcat Moderate
CVE-2010-4172 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
sunSUNQ MarkLee131
Apache Struts XSS Moderate
CVE-2012-1007 was published for org.apache.struts:struts-core (Maven) May 14, 2022
warkentyne
Improper Neutralization of Input During Web Page Generation in Dojo Dojo Objective Harness Moderate
CVE-2018-1000665 was published for org.dojotoolkit:dojo (Maven) May 14, 2022
XWiki XSS Vulnerability Moderate
CVE-2018-16277 was published for org.xwiki.platform:xwiki-platform (Maven) May 14, 2022
Cross-site Scripting in Apache Struts Moderate
CVE-2015-5169 was published for org.apache.struts:struts2-core (Maven) May 14, 2022
Cross-site Scripting in Apache Struts Moderate
CVE-2016-4003 was published for org.apache.struts:struts2-core (Maven) May 14, 2022
sunSUNQ
Jenkins vulnerable to Cross-site Scripting Moderate
CVE-2013-2033 was published for org.jenkins-ci.main:jenkins-core (Maven) May 14, 2022
Jenkins Cross-site Scripting vulnerability Moderate
CVE-2014-3681 was published for org.jenkins-ci.main:jenkins-core (Maven) May 14, 2022
The Reporting Addon for CUBA Platform has Persistent XSS Moderate
CVE-2018-20663 was published for com.haulmont.cuba:cuba-web-toolkit (Maven) May 14, 2022
Stored XSS vulnerability in Config File Provider Plugin Moderate
CVE-2018-1000413 was published for org.jenkins-ci.plugins:config-file-provider (Maven) May 14, 2022
Cross-site Scripting in Jenkins Rebuilder Plugin Moderate
CVE-2018-1000415 was published for com.sonyericsson.hudson.plugins.rebuild:rebuild (Maven) May 14, 2022
Apache TomEE console vulnerable to Cross-site Scripting Moderate
CVE-2018-8031 was published for org.apache.tomee:tomee-webapp (Maven) May 14, 2022
Cross-site Scripting in Jolokia agent Moderate
CVE-2018-1000129 was published for org.jolokia:jolokia-core (Maven) May 14, 2022
Improper Neutralization of Input During Web Page Generation in Spring Framework Moderate
CVE-2014-1904 was published for org.springframework:spring-webmvc (Maven) May 14, 2022
sunSUNQ
Improper Neutralization of Input During Web Page Generation in Apache ActiveMQ Moderate
CVE-2014-8110 was published for org.apache.activemq:activemq-client (Maven) May 14, 2022
sunSUNQ
Improper Neutralization of Input During Web Page Generation in Apache ActiveMQ Moderate
CVE-2016-0782 was published for org.apache.activemq:activemq-client (Maven) May 14, 2022
sunSUNQ
Improper Neutralization of Input During Web Page Generation in Apache ActiveMQ Moderate
CVE-2016-0734 was published for org.apache.activemq:activemq-client (Maven) May 14, 2022
sunSUNQ
jQuery vulnerable to Cross-Site Scripting (XSS) Moderate
CVE-2011-4969 was published for jQuery (RubyGems) May 14, 2022
jhutchings1 klaudialax
Apache Archiva vulnerable to Cross-site Scripting Moderate
CVE-2016-5005 was published for org.apache.archiva:archiva (Maven) May 14, 2022
Improper Neutralization of Input During Web Page Generation Apache ActiveMQ Moderate
CVE-2016-6810 was published for org.apache.activemq:activemq-client (Maven) May 14, 2022
sunSUNQ
Cross-site Scripting in Apache NiFi Moderate
CVE-2016-8748 was published for org.apache.nifi:nifi (Maven) May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database