GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
1,368 advisories
Filter by severity
ember-source Cross-site Scripting vulnerability
Low
CVE-2014-0046
was published
for
ember-source
(RubyGems)
Aug 28, 2018
Cross-Site Scripting in serialize-to-js
Low
CVE-2019-16772
was published
for
serialize-to-js
(npm)
Dec 6, 2019
Cross-site scripting in SimpleSAMLphp
Low
CVE-2020-5226
was published
for
simplesamlphp/simplesamlphp
(Composer)
Jan 24, 2020
Cross-site Scripting in dijit editor's LinkDialog plugin
Low
CVE-2020-4051
was published
for
dijit
(npm)
Jun 15, 2020
Cross-site Scripting in October
Low
CVE-2020-4061
was published
for
october/backend
(Composer)
Jul 2, 2020
XSS in Mapfish Print relating to JSONP support
Low
CVE-2020-15231
was published
for
org.mapfish.print:print-lib
(Maven)
Jul 7, 2020
Cross Site Scripting in baserCMS
Low
CVE-2020-15154
was published
for
baserproject/basercms
(Composer)
Aug 28, 2020
Cross Site Scripting(XSS) Vulnerability in Latest Release 4.3.6 Site basic settings
Low
CVE-2020-15155
was published
for
baserproject/basercms
(Composer)
Aug 28, 2020
Cross Site Scripting and RCE in baserCMS
Low
CVE-2020-15159
was published
for
baserproject/basercms
(Composer)
Aug 28, 2020
methodOverride Middleware Reflected Cross-Site Scripting in connect
Low
CVE-2013-7370
was published
for
connect
(npm)
Aug 31, 2020
Reflected Cross-Site Scripting in redis-commander
Low
GHSA-8c8c-4vfj-rrpc
was published
for
redis-commander
(npm)
Sep 1, 2020
Cross-Site Scripting in express-cart
Low
GHSA-9pr3-7449-977r
was published
for
express-cart
(npm)
Sep 2, 2020
Non-persistent XSS in the Storefront in Shopware
Low
GHSA-qvhr-55hg-3qwv
was published
for
shopware/core
(Composer)
Sep 23, 2020
Blog comment posting, Cross Site Scripting(XSS) Vulnerability in Latest Release 4.4.0
Low
CVE-2020-15276
was published
for
baserproject/basercms
(Composer)
Oct 30, 2020
Edit feed settings and others, Cross Site Scripting(XSS) Vulnerability in Latest Release 4.4.0
Low
CVE-2020-15273
was published
for
baserproject/basercms
(Composer)
Nov 4, 2020
Persistent XSS in customer module in Shopware
Low
GHSA-6gv9-7q4g-pmvm
was published
for
shopware/shopware
(Composer)
Nov 13, 2020
Persistent XSS in shopping worlds
Low
GHSA-28fw-88hq-6jmm
was published
for
shopware/shopware
(Composer)
Nov 13, 2020
Persistent XSS in newsletter module in Shopware
Low
GHSA-hrfh-fp4x-crrq
was published
for
shopware/shopware
(Composer)
Nov 13, 2020
Stored XSS by authenticated backend user with access to upload files
Low
CVE-2020-15249
was published
for
october/backend
(Composer)
Nov 23, 2020
Cross-site Scripting in Wildfly
Low
CVE-2021-3536
was published
for
org.wildfly:wildfly-parent
(Maven)
May 25, 2021
ProTip!
Advisories are also available from the
GraphQL API