GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,349 advisories
A vulnerability, which was classified as problematic, was found in flusity CMS. Affected is the...
Low | Unreviewed | CVE-2023-5811 was published Oct 27, 2023

A vulnerability classified as problematic has been found in Dragon Path 707GR1 up to 20231022....
Low | Unreviewed | CVE-2023-5789 was published Oct 26, 2023

Fides JavaScript Injection Vulnerability in Privacy Center URL
Low | CVE-2023-46126 was published for ethyca-fides (pip) Oct 24, 2023

A vulnerability was found in SourceCodester Online Motorcycle Rental System 1.0. It has been...
Low | Unreviewed | CVE-2023-5585 was published Oct 15, 2023

Cross-site Scripting (XSS) - Stored in GitHub repository hestiacp/hestiacp prior to 1.8.6.
Low | Unreviewed | CVE-2023-4517 was published Oct 13, 2023

A vulnerability was found in Translator PoqDev Add-On 1.0.11 on Firefox. It has been rated as...
Low | Unreviewed | CVE-2023-5496 was published Oct 10, 2023

Zope management interface vulnerable to stored cross site scripting via the title property
Low | CVE-2023-44389 was published for Zope (pip) Oct 4, 2023

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was...
Low | Unreviewed | CVE-2023-5287 was published Sep 29, 2023

plone.restapi vulnerable to Stored Cross Site Scripting with SVG image in user portrait
Low | GHSA-hc5c-r8m5-2gfh was published for plone.restapi (pip) Sep 21, 2023

plone.namedfile vulnerable to Stored Cross Site Scripting with SVG images
Low | CVE-2023-41048 was published for plone.namedfile (pip) Sep 21, 2023

Zope vulnerable to Stored Cross Site Scripting with SVG images
Low | CVE-2023-42458 was published for Zope (pip) Sep 21, 2023

Cross-site Scripting (XSS) - Reflected in GitHub repository hestiacp/hestiacp prior to 1.8.8.
Low | Unreviewed | CVE-2023-5084 was published Sep 20, 2023

A vulnerability has been found in Pluck CMS 4.7.18 and classified as problematic. This...
Low | Unreviewed | CVE-2023-5013 was published Sep 17, 2023

Cross-site Scripting (XSS) - Stored in GitHub repository instantsoft/icms2 prior to 2.16.1.-git.
Low | Unreviewed | CVE-2023-4879 was published Sep 10, 2023

Malicious dependencies can inject arbitrary JavaScript into cargo-generated timing reports
Low | CVE-2023-40030 was published for cargo (Rust) Aug 24, 2023

Cross-site Scripting (XSS) - Stored in GitHub repository instantsoft/icms2 prior to 2.16.1-git.
Low | Unreviewed | CVE-2023-4187 was published Aug 5, 2023

Cross-site Scripting in Mingsoft MCMS
Low | CVE-2023-3990 was published for net.mingsoft:ms-mcms (Maven) Jul 28, 2023

A vulnerability was found in SourceCodester Simple Online Mens Salon Management System 1.0 and...
Low | Unreviewed | CVE-2023-3986 was published Jul 28, 2023

A vulnerability was found in Travelmate Travelable Trek Management Solution 1.0. It has been...
Low | Unreviewed | CVE-2023-3862 was published Jul 24, 2023

A vulnerability classified as problematic was found in DedeBIZ 6.2.10. Affected by this...
Low | Unreviewed | CVE-2023-3838 was published Jul 23, 2023

A vulnerability classified as problematic has been found in DedeBIZ 6.2.10. Affected is an...
Low | Unreviewed | CVE-2023-3837 was published Jul 22, 2023

There is a Cross-site Scripting vulnerability in ArcGIS Server in versions 10.8.1 – 11.1 that...
Low | Unreviewed | CVE-2023-25840 was published Jul 21, 2023

RuoYi vulnerable to Cross-site Scripting
Low | CVE-2023-3815 was published for com.ruoyi:ruoyi (Maven) Jul 21, 2023

A vulnerability was found in Campcodes Retro Cellphone Online Store 1.0 and classified as...
Low | Unreviewed | CVE-2023-3660 was published Jul 13, 2023

Winter CMS stored XSS through privileged upload of SVG file
Low | CVE-2023-37269 was published for wintercms/winter (Composer) Jul 7, 2023