Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,300
Erlang
31
GitHub Actions
21
Go
2,069
Maven
5,000+
npm
3,744
NuGet
668
pip
3,429
Pub
12
RubyGems
892
Rust
880
Swift
36
Unreviewed advisories
All unreviewed
5,000+

156 advisories

Loading
An issue has been discovered in GitLab CE/EE affecting all versions after 13.7 before 16.6.6, 16... Moderate Unreviewed
CVE-2023-5933 was published Jan 26, 2024
A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow... Moderate Unreviewed
CVE-2023-20257 was published Jan 17, 2024
A vulnerability, which was classified as problematic, has been found in ZZZCMS 2.2.0. This issue... Moderate Unreviewed
CVE-2023-5582 was published Oct 14, 2023
A stored cross-site scripting (XSS) vulnerability exists in the upload_brand.cgi functionality of... Moderate Unreviewed
CVE-2023-34354 was published Oct 11, 2023
An improper neutralization of script-related html tags in a web page (basic xss) in Fortinet... Moderate Unreviewed
CVE-2023-36555 was published Oct 10, 2023
An HTML injection flaw was found in Controller in the user interface settings. This flaw allows... Moderate Unreviewed
CVE-2023-3971 was published Oct 4, 2023
A vulnerability in the web-based management interface of Cisco Catalyst SD-WAN Manager, formerly... Moderate Unreviewed
CVE-2023-20179 was published Sep 27, 2023
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in... Moderate Unreviewed
CVE-2023-4663 was published Sep 15, 2023
The Ninja Forms WordPress Ninja Forms Contact Form WordPress plugin before 3.6.26 was affected by... Moderate Unreviewed
CVE-2023-4109 was published Aug 30, 2023
A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Cisco... Moderate Unreviewed
CVE-2023-20222 was published Aug 17, 2023
A vulnerability in the web-based management interface of Cisco Integrated Management Controller ... Moderate Unreviewed
CVE-2023-20228 was published Aug 16, 2023
The Elementor Website Builder WordPress plugin before 3.5.5 does not filter out user-controlled... Moderate Unreviewed
CVE-2022-4953 was published Aug 14, 2023
Critters Cross-site Scripting Vulnerability Moderate
CVE-2023-3481 was published for critters (npm) Aug 11, 2023
A vulnerability in the web-based management interface of Cisco Small Business SPA500 Series IP... Moderate Unreviewed
CVE-2023-20181 was published Aug 4, 2023
A vulnerability in web-based management interface of Cisco SPA500 Series Analog Telephone... Moderate Unreviewed
CVE-2023-20218 was published Aug 4, 2023
Reflected XSS in business intelligence in Checkmk <2.2.0p8, <2.1.0p32, <2.0.0p38, <=1.6.0p30. Moderate Unreviewed
CVE-2023-23548 was published Aug 1, 2023
matrix-react-sdk vulnerable to XSS in Export Chat feature Moderate
CVE-2023-37259 was published for matrix-react-sdk (npm) Jul 18, 2023
A cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software on Panorama... Moderate Unreviewed
CVE-2023-0007 was published Jul 6, 2023
There is an HTML injection vulnerability in Esri Portal for ArcGIS versions 11.0 and below that... Moderate Unreviewed
CVE-2023-25833 was published Jul 6, 2023
The setMediaSource function on the amzn.thin.pl service does not sanitize the "source" parameter... Moderate Unreviewed
CVE-2023-1384 was published Jul 6, 2023
There is a reflected HTML injection vulnerability in Esri Portal for ArcGIS versions 10.9.1 and... Moderate Unreviewed
CVE-2022-38210 was published Jul 6, 2023
Cross-site scripting (xss) vulnerabilities exist in the requestHandlers.js detail_device... Moderate Unreviewed
CVE-2023-24497 was published Jul 6, 2023
Cross-site scripting (xss) vulnerabilities exist in the requestHandlers.js detail_device... Moderate Unreviewed
CVE-2023-24496 was published Jul 6, 2023
LeafKit allows XSS with untrusted user input Moderate
CVE-2021-37634 was published for github.com/vapor/leaf-kit (Swift) Jun 9, 2023
alextrob
The WP HTML Mail plugin for WordPress is vulnerable to HTML injection in versions up to, and... Moderate Unreviewed
CVE-2019-25144 was published Jun 7, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database