Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

37,008 advisories

Loading
The Greenshift WordPress plugin before 4.8.9 does not validate and escape one of its shortcode... Moderate Unreviewed
CVE-2022-4653 was published Jan 16, 2023
nZEDb v0.4.20 is affected by a Cross Site Scripting (XSS) vulnerability in www/pages/api.php. The... Moderate Unreviewed
CVE-2021-43686 was published Dec 3, 2021
The Contact Form, Survey & Popup Form Plugin for WordPress plugin before 1.5 does not properly... Moderate Unreviewed
CVE-2021-24718 was published Dec 7, 2021
Authenticated users with Site roles may inject XSS scripts via file names that will execute in... Moderate Unreviewed
CVE-2021-23260 was published Dec 3, 2021
Cross-site scripting vulnerability in ELECOM LAN router WRC-2533GHBK-I firmware v1.20 and prior... Moderate Unreviewed
CVE-2021-20857 was published Dec 2, 2021
The Kentico Xperience CMS version 13.0 – 13.0.43 is vulnerable to a persistent Cross-Site... Moderate Unreviewed
CVE-2021-43991 was published Dec 4, 2021
IBM Cognos Analytics 11.1.7 and 11.2.0 is vulnerable to cross-site scripting. This vulnerability... Moderate Unreviewed
CVE-2021-38909 was published Dec 4, 2021
A cross-site scripting (XSS) vulnerability in integration configuration in SquaredUp for SCOM 5.2... Moderate Unreviewed
CVE-2021-40096 was published Dec 8, 2021
SakuraPanel v1.0.1.1 is affected by a Cross Site Scripting (XSS) vulnerability in /master/core... Moderate Unreviewed
CVE-2021-43681 was published Dec 3, 2021
When receiving a URL through a SEND intent, Firefox would have searched for the text, but... Moderate Unreviewed
CVE-2021-43544 was published Dec 9, 2021
A Universal XSS vulnerability was present in Firefox for Android resulting from improper... Moderate Unreviewed
CVE-2021-43530 was published Dec 9, 2021
Insufficient data validation in New Tab Page in Google Chrome prior to 95.0.4638.69 allowed a... Moderate Unreviewed
CVE-2021-37999 was published Nov 24, 2021
The debug-meta-data plugin 1.1.2 for WordPress allows XSS. Moderate Unreviewed
CVE-2020-27356 was published Dec 8, 2021
yikes-inc-easy-mailchimp-extender Cross-site Scripting vulnerability Moderate
CVE-2021-4244 was published for yikesinc/yikes-inc-easy-mailchimp-extender (Composer) Dec 12, 2022
The Asgaros Forums WordPress plugin is vulnerable to Stored Cross-Site Scripting due to... Moderate Unreviewed
CVE-2021-42365 was published Nov 30, 2021
Stored cross-site scripting (XSS) was possible in protection plan details. The following products... Moderate Unreviewed
CVE-2021-44203 was published Nov 30, 2021
An unspecified version of phpWhois is affected by a Cross Site Scripting (XSS) vulnerability. In... Moderate Unreviewed
CVE-2021-43698 was published Nov 30, 2021
Self cross-site scripting (XSS) was possible on devices page. The following products are affected... Moderate Unreviewed
CVE-2021-44200 was published Nov 30, 2021
Stored cross-site scripting (XSS) was possible in activity details. The following products are... Moderate Unreviewed
CVE-2021-44202 was published Nov 30, 2021
Authenticated Stored Cross-Site Scripting (XSS) vulnerability discovered in WordPress Floating... Moderate Unreviewed
CVE-2021-36843 was published Nov 27, 2021
A improper neutralization of input during web page generation ('cross-site scripting') in... Moderate Unreviewed
CVE-2021-41015 was published Dec 9, 2021
A improper neutralization of input during web page generation ('cross-site scripting') in... Moderate Unreviewed
CVE-2021-41029 was published Dec 9, 2021
chamilo-lms v1.11.14 is affected by a Cross Site Scripting (XSS) vulnerability in /plugin... Moderate Unreviewed
CVE-2021-43687 was published Dec 2, 2021
Persistent Cross Site Scripting in Web Applications operating on Business-DNA Solutions GmbH’s... Moderate Unreviewed
CVE-2021-42119 was published Dec 1, 2021
74CMS v6.0.4 was discovered to contain a cross-site scripting (XSS) vulnerability via /index.php... Moderate Unreviewed
CVE-2020-22421 was published Dec 9, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database