Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,504
Maven
5,000+
npm
4,149
NuGet
735
pip
3,949
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

198 advisories

Loading
There is an HTML injection vulnerability in Esri Portal for ArcGIS versions 11.1 and below that... Moderate Unreviewed
CVE-2024-25690 was published Apr 4, 2024
The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution ... Moderate Unreviewed
CVE-2024-2868 was published Apr 4, 2024
A vulnerability in the web-based management interface of Cisco Small Business RV016, RV042,... Moderate Unreviewed
CVE-2024-20362 was published Apr 3, 2024
Cross Site Scripting vulnerability in Insurance Mangement System v.1.0.0 and before allows a... Moderate Unreviewed
CVE-2024-31062 was published Mar 28, 2024
An issue was discovered on Supermicro X11SSM-F, X11SAE-F, and X11SSE-F 1.66 devices. An attacker... High Unreviewed
CVE-2023-40290 was published Mar 27, 2024
Lack of input sanitization in BMC Control-M branches 9.0.20 and 9.0.21 allows logged-in users... Moderate Unreviewed
CVE-2024-1606 was published Mar 18, 2024
Webedition CMS 9.2.2.0 has a Stored XSS vulnerability via /webEdition/we_cmd.php. Moderate Unreviewed
CVE-2024-28417 was published Mar 14, 2024
Using an AMP url with a canonical element, an attacker could have executed JavaScript from an... High Unreviewed
CVE-2024-26282 was published Feb 22, 2024
Enhavo v0.13.1 was discovered to contain an HTML injection vulnerability in the Author text field... Moderate Unreviewed
CVE-2024-25873 was published Feb 22, 2024
IBM PowerSC 1.3, 2.0, and 2.1 is vulnerable to HTML injection. A remote attacker could inject... Moderate Unreviewed
CVE-2023-50933 was published Feb 2, 2024
An issue has been discovered in GitLab CE/EE affecting all versions after 13.7 before 16.6.6, 16... Moderate Unreviewed
CVE-2023-5933 was published Jan 26, 2024
A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow... Moderate Unreviewed
CVE-2023-20257 was published Jan 17, 2024
A vulnerability was found in RRJ Nueva Ecija Engineer Online Portal 1.0. It has been classified... Low Unreviewed
CVE-2024-0183 was published Jan 2, 2024
A vulnerability, which was classified as problematic, has been found in ZZZCMS 2.2.0. This issue... Moderate Unreviewed
CVE-2023-5582 was published Oct 14, 2023
A stored cross-site scripting (XSS) vulnerability exists in the upload_brand.cgi functionality of... Moderate Unreviewed
CVE-2023-34354 was published Oct 11, 2023
An improper neutralization of script-related html tags in a web page (basic xss) in Fortinet... Moderate Unreviewed
CVE-2023-36555 was published Oct 10, 2023
An HTML injection flaw was found in Controller in the user interface settings. This flaw allows... Moderate Unreviewed
CVE-2023-3971 was published Oct 4, 2023
A vulnerability in the web-based management interface of Cisco Catalyst SD-WAN Manager, formerly... Moderate Unreviewed
CVE-2023-20179 was published Sep 27, 2023
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in... Moderate Unreviewed
CVE-2023-4663 was published Sep 15, 2023
The Ninja Forms WordPress Ninja Forms Contact Form WordPress plugin before 3.6.26 was affected by... Moderate Unreviewed
CVE-2023-4109 was published Aug 30, 2023
A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Cisco... Moderate Unreviewed
CVE-2023-20222 was published Aug 17, 2023
A vulnerability in the web-based management interface of Cisco Integrated Management Controller ... Moderate Unreviewed
CVE-2023-20228 was published Aug 16, 2023
The Elementor Website Builder WordPress plugin before 3.5.5 does not filter out user-controlled... Moderate Unreviewed
CVE-2022-4953 was published Aug 14, 2023
Improper input validation in Zoom Desktop Client for Windows before 5.14.7 may allow an... Critical Unreviewed
CVE-2023-39216 was published Aug 8, 2023
Improper input validation in Zoom SDK’s before 5.14.10 may allow an unauthenticated user to... High Unreviewed
CVE-2023-39217 was published Aug 8, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database