Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

67 advisories

Loading
Cross site scripting in SiteServer CMS Moderate
CVE-2021-42656 was published for SSCMS (NuGet) May 25, 2022
Cross site scripting attack in ServiceStack Framework Moderate
CVE-2019-1010199 was published for ServiceStack (NuGet) May 24, 2022
jhutchings1
Umbraco CMS vulnerable to stored XSS Moderate
CVE-2020-5809 was published for UmbracoCms.Core (NuGet) May 24, 2022
GleamTech FileUltimate Cross-site Scripting Moderate
CVE-2020-15015 was published for GleamTech.FileUltimate (NuGet) May 24, 2022
DNN XSS Vulnerability Moderate
CVE-2020-5186 was published for DotNetNuke.Core (NuGet) May 24, 2022
DotNetNuke (DNN) Cross-site scripting (XSS) vulnerability via the __dnnVariable parameter Moderate
CVE-2013-4649 was published for DotNetNuke.Core (NuGet) May 17, 2022
Umbraco CMS vulnerable to stored XSS Moderate
CVE-2017-15279 was published for UmbracoCMS.Web (NuGet) May 17, 2022
Umbraco CMS vulnerable to stored XSS Moderate
CVE-2018-17256 was published for umbraco (NuGet) May 14, 2022
DNN XSS Vulnerability Moderate
CVE-2018-14486 was published for DotNetNuke.Core (NuGet) May 14, 2022
jQuery vulnerable to Cross-Site Scripting (XSS) Moderate
CVE-2011-4969 was published for jQuery (RubyGems) May 14, 2022
jhutchings1 klaudialax
Bootstrap vulnerable to Cross-Site Scripting (XSS) Moderate
CVE-2018-14040 was published for bootstrap (RubyGems) May 13, 2022
jhutchings1 stof
Churro tdunlap607 jenhae
Mono ASP.NET View State Cross-Site Scripting (XSS) vulnerability Moderate
CVE-2010-1459 was published for mono (NuGet) May 2, 2022
DotNetNuke Vulnerable to XSS in Pass-Through Values Moderate
CVE-2007-0660 was published for DotNetNuke.Core (NuGet) May 1, 2022
orchardcore is vulnerable to Cross-site Scripting Moderate
CVE-2022-0159 was published for OrchardCore (NuGet) Jan 21, 2022
Cross-site Scripting OrchardCore.Application.Cms.Targets Moderate
CVE-2022-0274 was published for OrchardCore.Application.Cms.Targets (NuGet) Jan 21, 2022
Cross-site scripting vulnerability in TinyMCE plugins Moderate
CVE-2024-21910 was published for TinyMCE (Composer) Nov 2, 2021
Cross-site Scripting in PiranhaCMS Moderate
CVE-2021-25977 was published for Piranha (NuGet) Oct 27, 2021
XSS in `*Text` options of the Datepicker widget in jquery-ui Moderate
CVE-2021-41183 was published for jQuery.UI.Combined (RubyGems) Oct 26, 2021
esbena
XSS in the `of` option of the `.position()` util in jquery-ui Moderate
CVE-2021-41184 was published for jQuery.UI.Combined (RubyGems) Oct 26, 2021
esbena A-Fitz-Nelnet
XSS in the `altField` option of the Datepicker widget in jquery-ui Moderate
CVE-2021-41182 was published for jQuery.UI.Combined (RubyGems) Oct 26, 2021
esbena
Cross-site scripting vulnerability in TinyMCE Moderate
CVE-2024-21908 was published for TinyMCE (Composer) Oct 22, 2021
Cross-site scripting in bootstrap-select Moderate
CVE-2019-20921 was published for bootstrap-select (npm) May 7, 2021
Cross-site scripting vulnerability in TinyMCE Moderate
CVE-2024-21911 was published for TinyMCE (Composer) Jan 6, 2021
emilwareus
Cross-Site Scripting in jquery Moderate
CVE-2012-6708 was published for jQuery (RubyGems) Sep 1, 2020
klaudialax
Cross-Site Scripting in jquery Moderate
CVE-2020-7656 was published for jQuery (RubyGems) May 20, 2020
klaudialax
ProTip! Advisories are also available from the GraphQL API