Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,851
Erlang
36
GitHub Actions
35
Go
2,481
Maven
5,000+
npm
4,098
NuGet
734
pip
3,914
Pub
12
RubyGems
945
Rust
1,016
Swift
39
Unreviewed advisories
All unreviewed
5,000+

215 advisories

Loading
The SAP Application Interface (Message Monitoring) - versions 600, 700, allows an authorized... Moderate Unreviewed
CVE-2023-29112 was published Apr 11, 2023
Zammad GmbH Zammad 2.3.0 and earlier is affected by: Cross Site Scripting (XSS) - CWE-80. The... Moderate Unreviewed
CVE-2019-1010018 was published May 24, 2022
A vulnerability has been identified in Spectrum Power 3 (Corporate User Interface) (All versions ... Moderate Unreviewed
CVE-2019-10933 was published May 24, 2022
A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V15.1... Moderate Unreviewed
CVE-2019-6577 was published May 24, 2022
A vulnerability in the web-based management interface of Cisco Small Business RV016, RV042,... Moderate Unreviewed
CVE-2024-20362 was published Apr 3, 2024
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in ISS BlackICE PC Protection. It has... Moderate Unreviewed
CVE-2003-5003 was published Mar 29, 2022
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as problematic, has been... Moderate Unreviewed
CVE-2008-10001 was published Mar 29, 2022
phpMyFAQ Stored HTML Injection at contentLink Moderate
CVE-2024-28108 was published for phpmyfaq/phpmyfaq (Composer) Mar 25, 2024
kevinnivekkevin
Lack of input sanitization in BMC Control-M branches 9.0.20 and 9.0.21 allows logged-in users... Moderate Unreviewed
CVE-2024-1606 was published Mar 18, 2024
Jetty Javascript Inclusion Vulnerability Moderate
CVE-2002-1533 was published for org.mortbay.jetty:jetty (Maven) Apr 30, 2022
Apache Tomcat XSS Vulnerability Moderate
CVE-2006-7195 was published for org.apache.tomcat:tomcat (Maven) May 1, 2022
There is an HTML injection vulnerability in Esri Portal for ArcGIS versions 11.0 and below that... Moderate Unreviewed
CVE-2023-25833 was published Jul 6, 2023
An issue has been discovered in GitLab CE/EE affecting all versions after 13.7 before 16.6.6, 16... Moderate Unreviewed
CVE-2023-5933 was published Jan 26, 2024
phpMyFAQ vulnerable to stored XSS on attachments filename Moderate
CVE-2024-24574 was published for phpmyfaq/phpmyfaq (Composer) Feb 5, 2024
nikkoenggaliano
A vulnerability in the web-based management interface of Cisco Catalyst SD-WAN Manager, formerly... Moderate Unreviewed
CVE-2023-20179 was published Sep 27, 2023
A vulnerability in the web-based management interface of Cisco Integrated Management Controller ... Moderate Unreviewed
CVE-2023-20228 was published Aug 16, 2023
A vulnerability in the web-based management interface of Cisco Small Business SPA500 Series IP... Moderate Unreviewed
CVE-2023-20181 was published Aug 4, 2023
A vulnerability in web-based management interface of Cisco SPA500 Series Analog Telephone... Moderate Unreviewed
CVE-2023-20218 was published Aug 4, 2023
A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow... Moderate Unreviewed
CVE-2023-20257 was published Jan 17, 2024
A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Cisco... Moderate Unreviewed
CVE-2023-20222 was published Aug 17, 2023
The Elementor Website Builder WordPress plugin before 3.5.5 does not filter out user-controlled... Moderate Unreviewed
CVE-2022-4953 was published Aug 14, 2023
HTML Injection in Keycloak Admin REST API Moderate
CVE-2022-1274 was published for org.keycloak:keycloak-services (Maven) Mar 1, 2023
go package pydio cells vulnerable to cross-site scripting Moderate
CVE-2023-2981 was published for github.com/pydio/cells (Go) May 30, 2023
Critters Cross-site Scripting Vulnerability Moderate
CVE-2023-3481 was published for critters (npm) Aug 11, 2023
Craft CMS stored XSS in review volume Moderate
CVE-2023-33196 was published for craftcms/cms (Composer) May 26, 2023
WhiteBearVN
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database