GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,274
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,419
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
154 advisories
Filter by severity
Cross-site scripting in SimpleSAMLphp
Low
CVE-2020-5226
was published
for
simplesamlphp/simplesamlphp
(Composer)
Jan 24, 2020
Cross-site Scripting in October
Low
CVE-2020-4061
was published
for
october/backend
(Composer)
Jul 2, 2020
XSS in Mapfish Print relating to JSONP support
Low
CVE-2020-15231
was published
for
org.mapfish.print:print-lib
(Maven)
Jul 7, 2020
Cross-Site Scripting in express-cart
Low
GHSA-9pr3-7449-977r
was published
for
express-cart
(npm)
Sep 2, 2020
Cross Site Scripting in baserCMS
Low
CVE-2020-15154
was published
for
baserproject/basercms
(Composer)
Aug 28, 2020
Cross Site Scripting and RCE in baserCMS
Low
CVE-2020-15159
was published
for
baserproject/basercms
(Composer)
Aug 28, 2020
methodOverride Middleware Reflected Cross-Site Scripting in connect
Low
CVE-2013-7370
was published
for
connect
(npm)
Aug 31, 2020
Reflected Cross-Site Scripting in redis-commander
Low
GHSA-8c8c-4vfj-rrpc
was published
for
redis-commander
(npm)
Sep 1, 2020
Edit feed settings and others, Cross Site Scripting(XSS) Vulnerability in Latest Release 4.4.0
Low
CVE-2020-15273
was published
for
baserproject/basercms
(Composer)
Nov 4, 2020
Persistent XSS in customer module in Shopware
Low
GHSA-6gv9-7q4g-pmvm
was published
for
shopware/shopware
(Composer)
Nov 13, 2020
Cross Site Scripting(XSS) Vulnerability in Latest Release 4.3.6 Site basic settings
Low
CVE-2020-15155
was published
for
baserproject/basercms
(Composer)
Aug 28, 2020
Persistent XSS in newsletter module in Shopware
Low
GHSA-hrfh-fp4x-crrq
was published
for
shopware/shopware
(Composer)
Nov 13, 2020
Non-persistent XSS in the Storefront in Shopware
Low
GHSA-qvhr-55hg-3qwv
was published
for
shopware/core
(Composer)
Sep 23, 2020
Persistent XSS in shopping worlds
Low
GHSA-28fw-88hq-6jmm
was published
for
shopware/shopware
(Composer)
Nov 13, 2020
Stored XSS by authenticated backend user with access to upload files
Low
CVE-2020-15249
was published
for
october/backend
(Composer)
Nov 23, 2020
Blog comment posting, Cross Site Scripting(XSS) Vulnerability in Latest Release 4.4.0
Low
CVE-2020-15276
was published
for
baserproject/basercms
(Composer)
Oct 30, 2020
Cross site scripting via cookies in gogs
Low
GHSA-pj96-4jhv-v792
was published
for
gogs.io/gogs
(Go)
Jun 2, 2022
Cross-site Scripting in bootstrap-table
Low
CVE-2021-23472
was published
for
bootstrap-table
(npm)
Nov 8, 2021
Cross-site scripting in Apache Struts
Low
CVE-2006-1548
was published
for
struts:struts
(Maven)
May 1, 2022
Cross-site Scripting in RabbitMQ
Low
CVE-2019-11291
was published
for
rabbit_common
(Erlang)
May 24, 2022
Cross site scripting in Concrete CMS
Low
CVE-2022-30120
was published
for
concrete5/core
(Composer)
Jun 25, 2022
jquery.terminal self XSS on user input
Low
CVE-2021-43862
was published
for
jquery.terminal
(npm)
Jan 6, 2022
ProTip!
Advisories are also available from the
GraphQL API