GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
2,866 advisories
auditor-bundle vulnerable to Cross-site Scripting because name of entity does not get escaped
Moderate
CVE-2024-45592
was published
for
damienharper/auditor-bundle
(Composer)
Sep 10, 2024
LibreNMS has a stored XSS in ExamplePlugin with Device's Notes
Moderate
CVE-2024-49758
was published
for
librenms/librenms
(Composer)
Nov 15, 2024
Cross-site Scripting (XSS) in Conditions tab of Pricing Rules
Moderate
CVE-2023-2332
was published
for
pimcore/pimcore
(Composer)
Apr 27, 2023
UnoPim Stored XSS : Cookie hijacking through Create User function
Moderate
CVE-2024-52305
was published
for
unopim/unopim
(Composer)
Nov 13, 2024
Minecraft MOTD Parser's HtmlGenerator vulnerable to XSS
Moderate
CVE-2024-47765
was published
for
dev-lancer/minecraft-motd-parser
(Composer)
Oct 4, 2024
Symfony allows changing the environment through a query
Moderate
CVE-2024-50340
was published
for
symfony/runtime
(Composer)
Nov 6, 2024
XSS in jQuery as used in Drupal, Backdrop CMS, and other products
Moderate
CVE-2019-11358
was published
for
django
(RubyGems)
Apr 26, 2019
mdanter/ecc affected by timing vulnerability in cryptographic side-channels
Moderate
CVE-2024-33851
was published
for
mdanter/ecc
(Composer)
Apr 28, 2024
Symfony potential Cross-site Scripting in WebhookController
Moderate
CVE-2023-46735
was published
for
symfony/symfony
(Composer)
Nov 12, 2023
Cross-site scripting vulnerability in includes/actions/InfoAction.php
Moderate
CVE-2014-2853
was published
for
mediawiki/core
(Composer)
May 17, 2022
img_auth.php may leak private extension images into the public cache
Moderate
CVE-2020-15005
was published
for
mediawiki/core
(Composer)
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API