Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

1,337 advisories

Loading
Cross-site Scripting in Wildfly Low
CVE-2021-3536 was published for org.wildfly:wildfly-parent (Maven) May 25, 2021
Croos-site scripting in Croogo Low
CVE-2019-20789 was published for croogo/croogo (Composer) Jun 22, 2021
Cross-site Scripting in bootstrap-table Low
CVE-2021-23472 was published for bootstrap-table (npm) Nov 8, 2021
snipe-it is vulnerable to Cross-site Scripting Low
CVE-2021-3938 was published for snipe/snipe-it (Composer) Nov 15, 2021
Cross-site scripting in Apache Syncome EndUser Low
CVE-2019-17557 was published for org.apache.syncope.client:syncope-client-enduser (Maven) Jan 6, 2022
jquery.terminal self XSS on user input Low
CVE-2021-43862 was published for jquery.terminal (npm) Jan 6, 2022
Nahiiko
Reflected Cross Site Scripting in GitHub repository openemr/openemr prior to 6.0.0.4. Low Unreviewed
CVE-2022-1180 was published Mar 31, 2022
In JetBrains IntelliJ IDEA before 2022.1 HTML injection into IDE messages was possible Low Unreviewed
CVE-2022-29816 was published Apr 29, 2022
Sun ONE (aka iPlanet) Web Server 4.1 through SP12 and 6.0 through SP5, when DNS resolution is... Low Unreviewed
CVE-2003-1577 was published Apr 29, 2022
The Apache HTTP Server 2.0.44, when DNS resolution is enabled for client IP addresses, allows... Low Unreviewed
CVE-2003-1581 was published Apr 29, 2022
Microsoft Internet Information Services (IIS) 6.0, when DNS resolution is enabled for client IP... Low Unreviewed
CVE-2003-1582 was published Apr 29, 2022
Cross-site scripting (XSS) vulnerability in readpmsg.php in PostNuke 0.750 allows remote... Low Unreviewed
CVE-2005-1778 was published May 1, 2022
Cross-site scripting (XSS) vulnerability in iSQL*Plus (iSQLPlus) in Oracle9i Database Server... Low Unreviewed
CVE-2005-3205 was published May 1, 2022
Multiple cross-site scripting (XSS) vulnerabilities in Horde Application Framework before 3.0.8... Low Unreviewed
CVE-2005-4190 was published May 1, 2022
Interpretation conflict in PostNuke 0.761 and earlier allows remote attackers to conduct cross... Low Unreviewed
CVE-2006-0800 was published May 1, 2022
Cross-site scripting (XSS) vulnerability in Microsoft Exchange Server 2000 SP1 through SP3, when... Low Unreviewed
CVE-2006-1193 was published May 1, 2022
Cross-site scripting in Apache Struts Low
CVE-2006-1548 was published for struts:struts (Maven) May 1, 2022
Multiple cross-site scripting (XSS) vulnerabilities in index.php in Autogallery 0.41 allow remote... Low Unreviewed
CVE-2006-1750 was published May 1, 2022
Multiple cross-site scripting (XSS) vulnerabilities in Ralph Capper Tiny PHP Forum (TPF) 3.6... Low Unreviewed
CVE-2006-1898 was published May 1, 2022
Multiple cross-site scripting (XSS) vulnerabilities in Papoo 2.1.5 allow remote attackers to... Low Unreviewed
CVE-2006-1918 was published May 1, 2022
Multiple cross-site scripting (XSS) vulnerabilities in phpLDAPadmin 0.9.8 and earlier allow... Low Unreviewed
CVE-2006-2016 was published May 1, 2022
Multiple cross-site scripting (XSS) vulnerabilities in Xtreme Topsites 1.1 allow remote attackers... Low Unreviewed
CVE-2006-2545 was published May 1, 2022
Multiple cross-site scripting (XSS) vulnerabilities in 5 Star Review allow remote attackers to... Low Unreviewed
CVE-2006-3061 was published May 1, 2022
Multiple cross-site scripting (XSS) vulnerabilities in interna/hilfe.php in Papoo 3 RC3 and... Low Unreviewed
CVE-2006-3571 was published May 1, 2022
Multiple cross-site scripting (XSS) vulnerabilities in TorrentFlux 2.1 allow remote attackers to... Low Unreviewed
CVE-2006-5451 was published May 1, 2022
ProTip! Advisories are also available from the GraphQL API