GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,214 advisories
A reflected cross-site scripting (XSS) vulnerability in the 'Entry Chooser' of phpLDAPadmin ...
Low | Unreviewed | CVE-2024-9101 was published Dec 19, 2024

A cross-site scripting (XSS) vulnerability in the Web Reports component of HCL BigFix Platform...
Low | Unreviewed | CVE-2023-37530 was published Feb 29, 2024

A cross-site scripting (XSS) vulnerability in the Web Reports component of HCL BigFix Platform...
Low | Unreviewed | CVE-2023-37531 was published Feb 29, 2024

A cross-site scripting (XSS) vulnerability in the Web Reports component of HCL BigFix Platform...
Low | Unreviewed | CVE-2023-37529 was published Feb 29, 2024

ChatBar.tsx in Lumos before 1.0.17 parses raw HTML in Markdown because the markdown-to-jsx...
Low | Unreviewed | CVE-2024-56082 was published Dec 15, 2024

The dynamic-widgets plugin before 1.5.11 for WordPress has XSS via the wp-admin/admin-ajax.php...
Low | Unreviewed | CVE-2015-9436 was published May 24, 2022

Cross Site Scripting vulnerability in Gibbon before v.27.0.01 and fixed in v.28.0.00 allows a...
Low | Unreviewed | CVE-2024-51337 was published Nov 21, 2024

A Cross-Site Scripting (XSS) vulnerability in phpipam/phpipam versions prior to 1.4.7 allows...
Low | Unreviewed | CVE-2022-1226 was published Nov 15, 2024

IBM Security ReaQta 3.12 is vulnerable to cross-site scripting. This vulnerability allows a...
Low | Unreviewed | CVE-2024-45099 was published Nov 14, 2024

An administrative user of WebReports may perform a Cross Site Scripting (XSS) and/or Man in the...
Low | Unreviewed | CVE-2023-45706 was published Mar 28, 2024

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Low | Unreviewed | CVE-2024-5532 was published Oct 28, 2024

There is an XSS vulnerability in some HikCentral Master Lite versions. If exploited, an attacker...
Low | Unreviewed | CVE-2024-47486 was published Oct 18, 2024

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Low | Unreviewed | CVE-2024-43686 was published Oct 4, 2024

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Low | Unreviewed | CVE-2024-43687 was published Oct 4, 2024

In JetBrains TeamCity before 2024.07.3 stored XSS was possible in Backup configuration settings
Low | Unreviewed | CVE-2024-47950 was published Oct 8, 2024

In JetBrains TeamCity before 2024.07.3 stored XSS was possible via server global settings
Low | Unreviewed | CVE-2024-47951 was published Oct 8, 2024

A vulnerability was found in Stirling-Tools Stirling-PDF up to 0.28.3. It has been declared as...
Low | Unreviewed | CVE-2024-9075 was published Sep 22, 2024

In JetBrains IntelliJ IDEA before 2024.1 HTML injection via the project name was possible
Low | Unreviewed | CVE-2024-46970 was published Sep 16, 2024

A cross-site scripting (XSS) vulnerability has been reported to affect Helpdesk. If exploited,...
Low | Unreviewed | CVE-2024-27125 was published Sep 6, 2024

Improper neutralization of input in Checkmk before version 2.3.0p14 allows attackers to inject...
Low | Unreviewed | CVE-2024-38858 was published Sep 2, 2024

A cross-site scripting (XSS) vulnerability in the component admin_datarelate.php of SeaCMS v12.9...
Low | Unreviewed | CVE-2024-44918 was published Aug 30, 2024

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Low | Unreviewed | CVE-2022-26328 was published Aug 21, 2024

In JetBrains TeamCity before 2024.07.1 reflected XSS was possible on the agentPushPreset page
Low | Unreviewed | CVE-2024-43809 was published Aug 16, 2024

In JetBrains TeamCity before 2024.07.1 self XSS was possible in the HashiCorp Vault plugin
Low | Unreviewed | CVE-2024-43808 was published Aug 16, 2024

Stored XSS vulnerability has been discovered in OpenText™ Filr product, affecting versions 24.1.1...
Low | Unreviewed | CVE-2024-4187 was published Jul 31, 2024

ProTip! Advisories are also available from the GraphQL API.