Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+

30,237 advisories

Loading
Cross-site scripting (XSS) vulnerability in Apache Wicket 1.4.x before 1.4.20 allows remote... Moderate Unreviewed
CVE-2012-0047 was published May 4, 2022
Stored XSS in PartKeepr 1.4.0 Edit section in multiple api endpoints via name parameter. Moderate Unreviewed
CVE-2021-39390 was published May 4, 2022
Cross-site scripting (XSS) vulnerability in modules/core/www/no_cookie.php in SimpleSAMLphp 1.8.1... Moderate Unreviewed
CVE-2012-0040 was published May 4, 2022
A reflected cross site scripting (XSS) vulnerability in Xtend Voice Logger 1.0 allows attackers... Moderate Unreviewed
CVE-2020-23618 was published May 4, 2022
In SpringBootMovie <=1.2 when adding movie names, malicious code can be stored because there are... Moderate Unreviewed
CVE-2022-28588 was published May 4, 2022
Cross-site scripting (XSS) vulnerability in inplview.aspx in Microsoft SharePoint Foundation 2010... Moderate Unreviewed
CVE-2012-0017 was published May 4, 2022
Multiple cross-site scripting (XSS) vulnerabilities in the meta plugin (Plugin/meta.pm) in... Moderate Unreviewed
CVE-2012-0220 was published May 4, 2022
Bugzilla before 3.2.10, 3.4.x before 3.4.10, 3.6.x before 3.6.4, and 4.0.x before 4.0rc2 creates... Moderate Unreviewed
CVE-2011-0048 was published May 3, 2022
Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.2 allows remote attackers to... Moderate Unreviewed
CVE-2011-0047 was published May 3, 2022
Cross-site scripting (XSS) vulnerability in the Start Center Layout and Configuration component... Moderate Unreviewed
CVE-2012-0195 was published May 4, 2022
Cross-site scripting (XSS) vulnerability in the WebAccess component in Novell GroupWise 8.0... Moderate Unreviewed
CVE-2012-0272 was published May 4, 2022
Cross-site scripting (XSS) vulnerability in Advantech/BroadWin WebAccess before 7.0 allows remote... Moderate Unreviewed
CVE-2012-0233 was published May 4, 2022
Cross-site scripting (XSS) vulnerability in the tpl_mediaFileList function in inc/template.php in... Moderate Unreviewed
CVE-2012-0283 was published May 4, 2022
A stored cross-site scripting (XSS) vulnerability exists in FUEL-CMS 1.5.1 that allows an... Moderate Unreviewed
CVE-2022-28599 was published May 4, 2022
A stored cross-site scripting (XSS) vulnerability in Pixelimity 1.0 allows attackers to execute... Moderate Unreviewed
CVE-2022-28589 was published May 4, 2022
Cross-site scripting (XSS) vulnerability in themeweb.aspx in Microsoft Office SharePoint Server... Moderate Unreviewed
CVE-2012-0144 was published May 4, 2022
The Microsoft Anti-Cross Site Scripting (AntiXSS) Library 3.x and 4.0 does not properly evaluate... Moderate Unreviewed
CVE-2012-0007 was published May 4, 2022
Cross-site scripting (XSS) vulnerability in HP Business Availability Center (BAC) 9.01 allows... Moderate Unreviewed
CVE-2012-0132 was published May 4, 2022
Cross-site scripting (XSS) vulnerability in wizardlist.aspx in Microsoft Office SharePoint Server... Moderate Unreviewed
CVE-2012-0145 was published May 4, 2022
Cross-site Scripting in NodeBB Moderate
CVE-2015-9286 was published for nodebb (npm) May 1, 2019
Cross-site Scripting in video.js Moderate
CVE-2021-23414 was published for video.js (npm) Aug 10, 2021
Cross-site scripting (XSS) vulnerability in osCommerce 2.2MS1J before R9, and osCommerce Online... Moderate Unreviewed
CVE-2012-0312 was published May 4, 2022
Cross-site scripting (XSS) vulnerability in Brightmail Control Center in Symantec Message Filter... Moderate Unreviewed
CVE-2012-0302 was published May 4, 2022
Cross-site scripting (XSS) vulnerability in glucose 2 before stage 6.2 allows remote attackers to... Moderate Unreviewed
CVE-2012-0313 was published May 4, 2022
Cross-site scripting (XSS) vulnerability in Invensys Wonderware Information Server 4.0 SP1 and 4... Moderate Unreviewed
CVE-2012-0225 was published May 4, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database