Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,150
NuGet
736
pip
3,952
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+

37,060 advisories

Loading
Cross-site scripting (XSS) vulnerability in the Wiki subsystem in Moodle 2.0.x before 2.0.9, 2.1... Low Unreviewed
CVE-2012-2360 was published May 13, 2022
Cross-site scripting (XSS) vulnerability in repository/lib.php in Moodle 2.1.x before 2.1.7 and 2... Low Unreviewed
CVE-2012-3393 was published May 13, 2022
Cross-site scripting (XSS) vulnerability in Moodle before 1.6.8, 1.7 before 1.7.6, 1.8 before 1.8... Moderate Unreviewed
CVE-2008-5432 was published May 13, 2022
Cross-site scripting (XSS) vulnerability in mod/quiz/report/responses/responses_table.php in... Low Unreviewed
CVE-2013-4525 was published May 13, 2022
Cross-site scripting (XSS) vulnerability in helper_api.php in MantisBT 1.1.0a1 through 1.2.x... Low Unreviewed
CVE-2014-9269 was published May 13, 2022
paintballrefjosh/MaNGOSWebV4 before 4.0.8 is vulnerable to a reflected XSS in install/index.php ... Moderate Unreviewed
CVE-2017-6478 was published May 13, 2022
Cross-site scripting (XSS) vulnerability in cohort/edit_form.php in Moodle 2.0.x before 2.0.10, 2... Low Unreviewed
CVE-2012-3396 was published May 13, 2022
Cross-site scripting (XSS) vulnerability in Cisco Videoscape Distribution Suite Service Manager ... Moderate Unreviewed
CVE-2016-6418 was published May 13, 2022
Cross-site scripting (XSS) vulnerability in account_sponsor_page.php in MantisBT 1.0.0 through 1... Low Unreviewed
CVE-2013-4460 was published May 13, 2022
Cross-site scripting vulnerability in Mitsubishi Electric consumer electronics products (Air... Moderate Unreviewed
CVE-2022-33322 was published Nov 9, 2022
Concrete CMS vulnerable to Reflected Cross-Site Scripting via dashboard icons Moderate
CVE-2022-43968 was published for concrete5/concrete5 (Composer) Nov 15, 2022
Telaxus EPESI 1.8.2 and earlier has a Stored Cross-site Scripting (XSS) vulnerability in modules... Moderate Unreviewed
CVE-2017-9366 was published May 13, 2022
Auth. Stored Cross-Site Scripting (XSS) vulnerability in Ezoic plugin <= 2.8.8 on WordPress. Moderate Unreviewed
CVE-2022-41315 was published Nov 18, 2022
Concrete CMS vulnerable to Cross-site Scripting via multilingual report Moderate
CVE-2022-43967 was published for concrete5/concrete5 (Composer) Nov 15, 2022
Multiple cross-site scripting (XSS) vulnerabilities in Telaxus/EPESI 1.8.2 and earlier allow... Moderate Unreviewed
CVE-2017-9623 was published May 13, 2022
Multiple cross-site scripting (XSS) vulnerabilities in Telaxus/EPESI 1.8.2 and earlier allow... Moderate Unreviewed
CVE-2017-9624 was published May 13, 2022
Cross-site Scripting in Zenario Moderate
CVE-2022-44071 was published for tribalsystems/zenario (Composer) Nov 16, 2022
Cross-site Scripting in Zenario Moderate
CVE-2022-44070 was published for tribalsystems/zenario (Composer) Nov 16, 2022
Cross-site Scripting in librenms/librenms Moderate
CVE-2022-3516 was published for librenms/librenms (Composer) Nov 20, 2022
Unauthenticated Plugin Settings Change Leading To Stored XSS Vulnerability in Ezoic plugin <= 2.8... Moderate Unreviewed
CVE-2022-41132 was published Nov 18, 2022
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in News Announcement Scroll plugin... Moderate Unreviewed
CVE-2022-40694 was published Nov 18, 2022
Cross-site Scripting in librenms/librenms Moderate
CVE-2022-3562 was published for librenms/librenms (Composer) Nov 20, 2022
A cross-site scripting (XSS) vulnerability in the Modify Page module of WBCE CMS v1.5.4 allows... Moderate Unreviewed
CVE-2022-45012 was published Nov 21, 2022
A cross-site scripting (XSS) vulnerability in the Search Settings module of WBCE CMS v1.5.4... Moderate Unreviewed
CVE-2022-45015 was published Nov 21, 2022
Cross-site Scripting in librenms/librenms Moderate
CVE-2022-4067 was published for librenms/librenms (Composer) Nov 20, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database