GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+
239 advisories
Filter by severity
Drupal cross-site scripting vulnerability via actions feature and trigger module
Low
CVE-2010-3094
was published
for
drupal/drupal
(Composer)
May 17, 2022
Joomla! vulnerable to Cross-site Scripting
Low
CVE-2011-4332
was published
for
joomla/joomla-cms
(Composer)
May 17, 2022
Cross-site Scripting in Apache Struts
Low
CVE-2011-1772
was published
for
org.apache.struts:struts2-core
(Maven)
May 17, 2022
phpMyAdmin Multiple XSS Vulnerabilities
Low
CVE-2012-4579
was published
for
phpmyadmin/phpmyadmin
(Composer)
May 17, 2022
Typo3 Backend XSS Vulnerabilities
Low
CVE-2012-1606
was published
for
typo3/cms
(Composer)
May 17, 2022
phpMyAdmin Vulnerable to Cross-Site Scripting
Low
CVE-2011-1940
was published
for
phpmyadmin/phpmyadmin
(Composer)
May 17, 2022
phpMyAdmin vulnerable to Cross-site Scripting
Low
CVE-2011-4634
was published
for
phpmyadmin/phpmyadmin
(Composer)
May 17, 2022
phpMyAdmin multiple cross-site scripting vulnerabilities
Low
CVE-2012-5339
was published
for
phpmyadmin/phpmyadmin
(Composer)
May 17, 2022
phpMyAdmin Multiple Cross-site Scripting Vulnerabilities in the Database Structure page
Low
CVE-2012-4345
was published
for
phpmyadmin/phpmyadmin
(Composer)
May 17, 2022
Alkacon OpenCMS XSS via title and requestedResource parameters
Low
CVE-2013-4600
was published
for
org.opencms:opencms-core
(Maven)
May 17, 2022
WEC Map (wec_map) extension for TYPO3 allows Cross-site Scripting
Low
CVE-2014-6296
was published
for
jbartels/wec-map
(Composer)
May 17, 2022
phpMyAdmin Multiple XSS Vulnerabilities After Inline Editing and Save
Low
CVE-2011-3591
was published
for
phpmyadmin/phpmyadmin
(Composer)
May 17, 2022
phpMyAdmin Multiple XSS Vulnerabilities
Low
CVE-2011-3592
was published
for
phpmyadmin/phpmyadmin
(Composer)
May 17, 2022
phpMyAdmin cross-site scripting Vulnerability via ENUM value
Low
CVE-2014-7217
was published
for
phpmyadmin/phpmyadmin
(Composer)
May 17, 2022
Jenkins allows Cross-Site Scripting (XSS)
Low
CVE-2011-4344
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
May 17, 2022
Jenkins allows Cross-Site Scripting (XSS)
Low
CVE-2015-1813
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
May 17, 2022
Jenkins Build Failure Analyzer Plugin allows Cross-Site Scripting (XSS)
Low
CVE-2013-6374
was published
for
com.sonyericsson.jenkins.plugins.bfa:build-failure-analyzer
(Maven)
May 17, 2022
concrete5 vulnerable to Cross-site Scripting
Low
CVE-2015-3989
was published
for
concrete5/concrete5
(Composer)
May 17, 2022
phpMyAdmin cross-site scripting Vulnerability in Table or Column Names
Low
CVE-2014-4986
was published
for
phpmyadmin/phpmyadmin
(Composer)
May 17, 2022
phpMyAdmin Cross-site scripting (XSS) vulnerability via pageNumber value
Low
CVE-2013-5002
was published
for
phpmyadmin/phpmyadmin
(Composer)
May 17, 2022
Joomla! Cross-site Scripting vulnerability
Low
CVE-2013-5583
was published
for
joomla/joomla-cms
(Composer)
May 17, 2022
typo3/cms-felogin Cross-site Scripting vulnerability
Low
CVE-2008-5656
was published
for
typo3/cms-felogin
(Composer)
May 17, 2022
TYPO3 Cross-site scripting (XSS) vulnerability in the click enlarge functionality
Low
CVE-2010-5097
was published
for
typo3/cms-frontend
(Composer)
May 17, 2022
TYPO3 Cross-Site Scripting vulnerability in the Install Tool
Low
CVE-2010-5100
was published
for
typo3/cms-install
(Composer)
May 17, 2022
ProTip!
Advisories are also available from the
GraphQL API