GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
22
Go
2,095
Maven
5,000+
npm
3,760
NuGet
678
pip
3,446
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
118 advisories
Filter by severity
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in...
Moderate
Unreviewed
CVE-2023-23735
was published
Jun 4, 2024
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in...
Moderate
Unreviewed
CVE-2024-23522
was published
May 17, 2024
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in...
Moderate
Unreviewed
CVE-2024-24874
was published
May 17, 2024
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in...
Moderate
Unreviewed
CVE-2024-32790
was published
May 17, 2024
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS vulnerability in...
Moderate
Unreviewed
CVE-2023-48763
was published
Apr 24, 2024
A cross-site scripting (XSS) vulnerability in the Settings section of WonderCMS v3.4.3 allows...
Moderate
Unreviewed
CVE-2024-32746
was published
Apr 17, 2024
Stored XSS in graph rendering in Checkmk <2.3.0b4.
Moderate
Unreviewed
CVE-2024-2380
was published
Apr 5, 2024
There is an HTML injection vulnerability in Esri Portal for ArcGIS versions 11.1 and below that...
Moderate
Unreviewed
CVE-2024-25690
was published
Apr 4, 2024
A vulnerability in the web-based management interface of Cisco Small Business RV016, RV042,...
Moderate
Unreviewed
CVE-2024-20362
was published
Apr 3, 2024
Cross Site Scripting vulnerability in Insurance Mangement System v.1.0.0 and before allows a...
Moderate
Unreviewed
CVE-2024-31062
was published
Mar 28, 2024
Lack of input sanitization in BMC Control-M branches 9.0.20 and 9.0.21 allows logged-in users...
Moderate
Unreviewed
CVE-2024-1606
was published
Mar 18, 2024
Webedition CMS 9.2.2.0 has a Stored XSS vulnerability via /webEdition/we_cmd.php.
Moderate
Unreviewed
CVE-2024-28417
was published
Mar 14, 2024
Enhavo v0.13.1 was discovered to contain an HTML injection vulnerability in the Author text field...
Moderate
Unreviewed
CVE-2024-25873
was published
Feb 22, 2024
An issue has been discovered in GitLab CE/EE affecting all versions after 13.7 before 16.6.6, 16...
Moderate
Unreviewed
CVE-2023-5933
was published
Jan 26, 2024
A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow...
Moderate
Unreviewed
CVE-2023-20257
was published
Jan 17, 2024
A vulnerability, which was classified as problematic, has been found in ZZZCMS 2.2.0. This issue...
Moderate
Unreviewed
CVE-2023-5582
was published
Oct 14, 2023
A stored cross-site scripting (XSS) vulnerability exists in the upload_brand.cgi functionality of...
Moderate
Unreviewed
CVE-2023-34354
was published
Oct 11, 2023
An improper neutralization of script-related html tags in a web page (basic xss) in Fortinet...
Moderate
Unreviewed
CVE-2023-36555
was published
Oct 10, 2023
An HTML injection flaw was found in Controller in the user interface settings. This flaw allows...
Moderate
Unreviewed
CVE-2023-3971
was published
Oct 4, 2023
A vulnerability in the web-based management interface of Cisco Catalyst SD-WAN Manager, formerly...
Moderate
Unreviewed
CVE-2023-20179
was published
Sep 27, 2023
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in...
Moderate
Unreviewed
CVE-2023-4663
was published
Sep 15, 2023
The Ninja Forms WordPress Ninja Forms Contact Form WordPress plugin before 3.6.26 was affected by...
Moderate
Unreviewed
CVE-2023-4109
was published
Aug 30, 2023
A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Cisco...
Moderate
Unreviewed
CVE-2023-20222
was published
Aug 17, 2023
A vulnerability in the web-based management interface of Cisco Integrated Management Controller ...
Moderate
Unreviewed
CVE-2023-20228
was published
Aug 16, 2023
The Elementor Website Builder WordPress plugin before 3.5.5 does not filter out user-controlled...
Moderate
Unreviewed
CVE-2022-4953
was published
Aug 14, 2023
ProTip!
Advisories are also available from the
GraphQL API