GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

3,890 advisories

Gila CMS Cross-site Scripting Vulnerability Moderate
CVE-2020-20523 was published for gilacms/gila (Composer) Aug 11, 2023
Angular critical CSS inlining Cross-site Scripting Vulnerability Advisory High
GHSA-r3hf-q8q7-fv2p was published for @nguniversal/common (npm) Aug 9, 2023
wger Workout Manager Cross-site Scripting vulnerability Moderate
CVE-2023-38758 was published for wger (pip) Aug 8, 2023
Cockpit Cross-site Scripting vulnerability High
CVE-2023-4196 was published for cockpit-hq/cockpit (Composer) Aug 6, 2023
Cross-site Scripting (XSS) in CrafterCMS High
CVE-2023-4136 was published for org.craftercms:crafter-engine (Maven) Aug 3, 2023
pimcore/customer-management-framework-bundle Cross-site Scripting vulnerability in Segment name Moderate
CVE-2023-4145 was published for pimcore/customer-management-framework-bundle (Composer) Aug 3, 2023
Si13ntr311iK
Improper rendering of text nodes in golang.org/x/net/html Moderate
CVE-2023-3978 was published for golang.org/x/net (Go) Aug 2, 2023
phpMyFAQ Stored Cross-site Scripting vulnerability High
CVE-2023-4007 was published for thorsten/phpmyfaq (Composer) Jul 31, 2023
Cross-site scripting (XSS) from MIME type auto-detection of uploaded files Moderate
CVE-2023-38491 was published for getkirby/cms (Composer) Jul 28, 2023
Cross-site Scripting in Mingsoft MCMS Low
CVE-2023-3990 was published for net.mingsoft:ms-mcms (Maven) Jul 28, 2023
Stored Cross-Site Scripting October CMS Moderate
CVE-2023-37692 was published for october/october (Composer) Jul 26, 2023
Jenkins Stored Cross-site Scripting vulnerability High
CVE-2023-39151 was published for org.jenkins-ci.main:jenkins-core (Maven) Jul 26, 2023
daniel-beck
Cross-Site Scripting in CKEditor4 WordCount Plugin Moderate
GHSA-m8fw-p3cr-6jqc was published for typo3/cms-rte-ckeditor (Composer) Jul 25, 2023
sypets ohader
bnf
Cross-site Scripting in healthcheck webconsole plugin Moderate
CVE-2023-38435 was published for org.apache.felix:org.apache.felix.healthcheck.webconsoleplugin (Maven) Jul 25, 2023
By-passing Cross-Site Scripting Protection in HTML Sanitizer Moderate
CVE-2023-38500 was published for typo3/html-sanitizer (Composer) Jul 25, 2023
leeN Yaniv-git
ohader bnf
copyparty vulnerable to reflected cross-site scripting via k304 parameter Moderate
CVE-2023-38501 was published for copyparty (pip) Jul 25, 2023
TheHackyDog
Cross site scripting via input unit widget Moderate
CVE-2023-36806 was published for contao/core-bundle (Composer) Jul 25, 2023
Indico vulnerable to Cross-Site-Scripting via confirmation prompts Moderate
CVE-2023-37901 was published for indico (pip) Jul 21, 2023
ThiefMaster
copyparty vulnerable to reflected cross-site scripting via hc parameter Moderate
GHSA-cw7j-v52w-fp5r was published for copyparty (pip) Jul 21, 2023
TheHackyDog
Pimcore Cross-site Scripting vulnerability Moderate
CVE-2023-3821 was published for pimcore/pimcore (Composer) Jul 21, 2023
Pimcore Cross-site Scripting vulnerability Moderate
CVE-2023-3822 was published for pimcore/pimcore (Composer) Jul 21, 2023
RuoYi vulnerable to Cross-site Scripting Low
CVE-2023-3815 was published for com.ruoyi:ruoyi (Maven) Jul 21, 2023
Alkacon OpenCMS arbitrary file upload vulnerability Moderate
CVE-2023-37602 was published for org.opencms:opencms-core (Maven) Jul 20, 2023
matrix-react-sdk vulnerable to XSS in Export Chat feature Moderate
CVE-2023-37259 was published for matrix-react-sdk (npm) Jul 18, 2023
layui vulnerable to cross-site scripting Moderate
CVE-2023-3691 was published for layui (npm) Jul 16, 2023