Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,504
Maven
5,000+
npm
4,149
NuGet
735
pip
3,949
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

37,043 advisories

Loading
Cross-site Scripting in vis-timeline Moderate
CVE-2020-28487 was published for vis-timeline (npm) Apr 13, 2021
A stored cross site scripting (XSS) vulnerability in index.php/legend/6.html of UK CMS v1.1.10... Moderate Unreviewed
CVE-2020-20977 was published May 24, 2022
Cross-site scripting in Apache NiFi Moderate
CVE-2020-1933 was published for org.apache.nifi:nifi (Maven) Jan 6, 2022
Cross-site Scripting (XSS) in Apache Ambari Views Moderate
CVE-2020-1936 was published for org.apache.ambari:ambari (Maven) Jan 6, 2022
Cross-site Scripting (XSS) in Eclipse Theia Critical
CVE-2020-27224 was published for @theia/preview (npm) Apr 13, 2021
Multiple Authenticated (contributor+) Stored Cross-Site Scripting (XSS) vulnerabilities in WHA... Moderate Unreviewed
CVE-2022-36365 was published Sep 22, 2022
Cross-site Scripting (XSS) in Apache ActiveMQ Artemis Moderate
CVE-2020-13932 was published for org.apache.activemq:apache-artemis (Maven) Feb 9, 2022
Stored cross-site scripting in PressBooks Moderate
CVE-2021-3271 was published for pressbooks/pressbooks (Composer) Mar 29, 2021
Improper Neutralization of Input in Theia console Moderate
CVE-2021-28161 was published for @theia/console (npm) Apr 13, 2021
XSS in Vega Low
CVE-2020-26296 was published for vega (npm) Dec 30, 2020
Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 10 before Update 20, 11 before... Moderate Unreviewed
CVE-2016-4159 was published May 13, 2022
Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 10 before Update 18 and 11 before... Moderate Unreviewed
CVE-2015-8053 was published May 13, 2022
Adobe ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 13 and earlier versions have... Moderate Unreviewed
CVE-2018-4940 was published May 13, 2022
Adobe ColdFusion 2016 Update 3 and earlier, ColdFusion 11 update 11 and earlier, ColdFusion 10... Moderate Unreviewed
CVE-2017-3008 was published May 13, 2022
Cross-site scripting in SocksJS-node Moderate
CVE-2020-8823 was published for sockjs (npm) Apr 13, 2021
Cross-site Scripting (XSS) in baserCMS Moderate
CVE-2021-20683 was published for baserproject/basercms (Composer) Jun 8, 2021
Cross-site Scripting in SOS JobScheduler Moderate Unreviewed
CVE-2020-6854 was published Feb 15, 2022
Cross-site scripting (XSS) Moderate
CVE-2020-17551 was published for impresscms/impresscms (Composer) Mar 12, 2021
Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 10 before Update 18 and 11 before... Moderate Unreviewed
CVE-2015-8052 was published May 13, 2022
Adobe ColdFusion has a cross-site scripting (XSS) vulnerability. This affects Update 4 and... Moderate Unreviewed
CVE-2017-11285 was published May 13, 2022
Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 10 before Update 16 and 11 before... Moderate Unreviewed
CVE-2015-0345 was published May 13, 2022
Cross-site scripting (XSS) Moderate
CVE-2021-28088 was published for impresscms/impresscms (Composer) Mar 12, 2021
Cross-site Scripting (XSS) in @scullyio/scully High
CVE-2020-28470 was published for @scullyio/scully (npm) Apr 13, 2021
Cross-site Scripting in Eclipse Hawkbit Moderate
CVE-2020-27219 was published for org.eclipse.hawkbit:hawkbit-parent (Maven) Feb 9, 2022
Reflected Cross-site Scripting (XSS) in ACS Commons Moderate
CVE-2021-21043 was published for com.adobe.acs:acs-aem-commons (Maven) May 13, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database