GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
3,890 advisories
mXSS in AntiSamy (Moderate): CVE-2023-43643 was published for org.owasp.antisamy:antisamy (Maven) on Oct 9, 2023
Cross-site Scripting in snipe/snipe-it (Moderate): CVE-2023-5452 was published for snipe/snipe-it (Composer) on Oct 6, 2023
Zenario CMS Cross-site Scripting vulnerability (Moderate): CVE-2023-44771 was published for tribalsystems/zenario (Composer) on Oct 6, 2023
ConcreteCMS Cross-site Scripting vulnerability (Moderate): CVE-2023-44766 was published for concrete5/concrete5 (Composer) on Oct 6, 2023
Zenario CMS Cross-site Scripting vulnerability (Moderate): CVE-2023-44770 was published for tribalsystems/zenario (Composer) on Oct 6, 2023
ConcreteCMS Cross-site Scripting vulnerability (Moderate): CVE-2023-44762 was published for concrete5/concrete5 (Composer) on Oct 6, 2023
ConcreteCMS Cross-site Scripting vulnerability (Moderate): CVE-2023-44761 was published for concrete5/concrete5 (Composer) on Oct 6, 2023
ConcreteCMS Cross-site Scripting vulnerability (Moderate): CVE-2023-44765 was published for concrete5/concrete5 (Composer) on Oct 6, 2023
ConcreteCMS Cross-site Scripting vulnerability (Moderate): CVE-2023-44764 was published for concrete5/concrete5 (Composer) on Oct 6, 2023
HtmlSanitizer vulnerable to Cross-site Scripting in Foreign Content (Moderate): CVE-2023-44390 was published for HtmlSanitizer (NuGet) on Oct 4, 2023
Zope management interface vulnerable to stored cross site scripting via the title property (Low): CVE-2023-44389 was published for Zope (pip) on Oct 4, 2023
Dolibarr Cross-site Scripting vulnerability (Moderate): CVE-2023-5323 was published for dolibarr/dolibarr (Composer) on Oct 1, 2023
phpMyFaq Cross-site Scripting vulnerability (Moderate): CVE-2023-5317 was published for thorsten/phpmyfaq (Composer) on Sep 30, 2023
phpMyFAQ Cross-site Scripting vulnerability (High): CVE-2023-5319 was published for thorsten/phpmyfaq (Composer) on Sep 30, 2023
phpMyFAQ Cross-site Scripting vulnerability (Critical): CVE-2023-5320 was published for thorsten/phpmyfaq (Composer) on Sep 30, 2023
phpMyFAQ Cross-site Scripting vulnerability (Critical): CVE-2023-5316 was published for thorsten/phpmyfaq (Composer) on Sep 30, 2023
Withdrawn Advisory: October Cross-site Scripting vulnerability (Moderate): CVE-2023-43876 was published for october/cms (Composer) on Sep 28, 2023 • withdrawn
Subrion CMS Cross-site Scripting vulnerability (Moderate): CVE-2023-43884 was published for intelliants/subrion (Composer) on Sep 28, 2023
quill-mention Cross-site Scripting vulnerability (Moderate): CVE-2023-26149 was published for quill-mention (npm) on Sep 28, 2023
Microweber Cross-site Scripting vulnerability (Moderate): CVE-2023-5244 was published for microweber/microweber (Composer) on Sep 28, 2023
Subrion CMS Cross-site Scripting vulnerability in /panel/languages (Moderate): CVE-2023-43828 was published for intelliants/subrion (Composer) on Sep 27, 2023
Subrion CMS XSS in /panel/configuration/financial/ (Moderate): CVE-2023-43830 was published for intelliants/subrion (Composer) on Sep 27, 2023
pimcore/admin-ui-classic-bundle Cross-site Scripting vulnerability in Translations (Moderate): CVE-2023-42817 was published for pimcore/admin-ui-classic-bundle (Composer) on Sep 25, 2023
plone.restapi vulnerable to Stored Cross Site Scripting with SVG image in user portrait (Low): GHSA-hc5c-r8m5-2gfh was published for plone.restapi (pip) on Sep 21, 2023
plone.namedfile vulnerable to Stored Cross Site Scripting with SVG images (Low): CVE-2023-41048 was published for plone.namedfile (pip) on Sep 21, 2023