GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
101
GitHub Actions
54
Go
4,316
Maven
5,000+
npm
5,000+
NuGet
1,030
pip
5,000+
Pub
13
RubyGems
1,116
Rust
1,493
Swift
61
Unreviewed advisories
All unreviewed
5,000+
311 advisories
Filter by severity
Stored Cross-Site Scripting (XSS) in Keycloak via groups dropdown
Moderate
GHSA-755v-r4x4-qf7m
was published
for
org.keycloak:keycloak-core
(Maven)
Nov 29, 2022
Improper sanitize of SVG files during content upload ('Cross-site Scripting') in sylius/sylius
Moderate
CVE-2022-24749
was published
for
Sylius/Sylius
(Composer)
Mar 14, 2022
A vulnerability in the web-based interface of Cisco Webex Meetings could allow an unauthenticated...
Moderate
Unreviewed
CVE-2021-1351
was published
May 24, 2022
The LearnPress WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient...
Moderate
Unreviewed
CVE-2021-39348
was published
May 24, 2022
Cross-site Scripting vulnerability in repository issue list in Gogs
Moderate
CVE-2022-31038
was published
for
gogs.io/gogs
(Go)
Jun 8, 2022
A vulnerability was found in Itech Movie Portal Script 7.36. It has been rated as problematic....
Moderate
Unreviewed
CVE-2017-20140
was published
Jul 23, 2022
A stored cross-site scripting vulnerability exists in the HdConfigActions.aspx altertextlanguages...
Moderate
Unreviewed
CVE-2022-28703
was published
Dec 15, 2022
A vulnerability has been identified in XHQ (All Versions < 6.1). The web interface could allow...
Moderate
Unreviewed
CVE-2019-19285
was published
May 24, 2022
A vulnerability in certain web pages of Cisco Webex Meetings could allow an unauthenticated,...
Moderate
Unreviewed
CVE-2021-1420
was published
May 24, 2022
This issue affects: QNAP Systems Inc. Q'center versions prior to 1.11.1004.
Moderate
Unreviewed
CVE-2021-28803
was published
May 24, 2022
A stored XSS vulnerability has been reported to affect QNAP NAS running QuLog Center. If...
Moderate
Unreviewed
CVE-2020-36196
was published
May 24, 2022
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in WolfCMS up to 0.8.3.1. It has been...
Moderate
Unreviewed
CVE-2019-25070
was published
Jun 10, 2022
Stored cross-site scripting in Grid component in Vaadin 7 and 8
Moderate
CVE-2019-25028
was published
for
com.vaadin:vaadin-bom
(Maven)
Apr 19, 2021
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) in @nextcloud/dialogs
Moderate
CVE-2021-29438
was published
for
@nextcloud/dialogs
(npm)
Apr 16, 2021
Cross-site scripting (XSS) from image block content in the site frontend
Moderate
CVE-2021-41258
was published
for
getkirby/cms
(Composer)
Nov 16, 2021
A vulnerability, which was classified as problematic, has been found in Thomson TCW710 ST5D.10.05...
Moderate
Unreviewed
CVE-2018-25034
was published
Jun 13, 2022
A vulnerability, which was classified as problematic, was found in Webmin. Affected is an unknown...
Moderate
Unreviewed
CVE-2022-3844
was published
Nov 3, 2022
Cross site scripting vulnerability in ActionView
Moderate
CVE-2020-5267
was published
for
actionview
(RubyGems)
Mar 19, 2020
A vulnerability was found in TrueConf Server 4.3.7 and classified as problematic. This issue...
Moderate
Unreviewed
CVE-2017-20115
was published
Jun 30, 2022
A vulnerability, which was classified as problematic, was found in TrueConf Server 4.3.7. This...
Moderate
Unreviewed
CVE-2017-20113
was published
Jun 30, 2022
A vulnerability has been found in TrueConf Server 4.3.7 and classified as problematic. This...
Moderate
Unreviewed
CVE-2017-20114
was published
Jun 30, 2022
A vulnerability was found in TrueConf Server 4.3.7. It has been classified as problematic....
Moderate
Unreviewed
CVE-2017-20116
was published
Jun 30, 2022
A vulnerability was found in TrueConf Server 4.3.7. It has been rated as problematic. Affected by...
Moderate
Unreviewed
CVE-2017-20118
was published
Jun 30, 2022
A vulnerability was found in TrueConf Server 4.3.7. It has been declared as problematic. Affected...
Moderate
Unreviewed
CVE-2017-20117
was published
Jun 30, 2022
ProTip!
Advisories are also available from the
GraphQL API