GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
131 advisories
A vulnerability was found in TrueConf Server 4.3.7 and classified as problematic. This issue...
Moderate | Unreviewed | CVE-2017-20115 was published Jun 30, 2022

A vulnerability, which was classified as problematic, was found in TrueConf Server 4.3.7. This...
Moderate | Unreviewed | CVE-2017-20113 was published Jun 30, 2022

A vulnerability was found in TrueConf Server 4.3.7. It has been classified as problematic....
Moderate | Unreviewed | CVE-2017-20116 was published Jun 30, 2022

A vulnerability was found in TrueConf Server 4.3.7. It has been rated as problematic. Affected by...
Moderate | Unreviewed | CVE-2017-20118 was published Jun 30, 2022

A vulnerability was found in TrueConf Server 4.3.7. It has been declared as problematic. Affected...
Moderate | Unreviewed | CVE-2017-20117 was published Jun 30, 2022

A vulnerability has been identified in SCALANCE S602 (All versions >= V3.0), SCALANCE S612 (All...
Moderate | Unreviewed | CVE-2019-6585 was published May 24, 2022

LeafKit allows XSS with untrusted user input
Moderate | CVE-2021-37634 was published for github.com/vapor/leaf-kit (Swift) Jun 9, 2023

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in...
Moderate | Unreviewed | CVE-2021-44196 was published Mar 7, 2023

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in...
Moderate | Unreviewed | CVE-2021-44197 was published Mar 7, 2023

Apache Tomcat allows webmasters to insert xss into error messages
Moderate | CVE-2001-0829 was published for org.apache.tomcat:tomcat (Maven) Apr 30, 2022

Apache Struts Cross-site scripting Vulnerability
Moderate | CVE-2005-3745 was published for org.apache.struts:struts-core (Maven) May 1, 2022

Apache Tomcat's CookieExample Vulnerable to XSS
Moderate | CVE-2007-3384 was published for org.apache.tomcat:tomcat (Maven) May 1, 2022

Apache Tomcat SendMailServlet XSS
Moderate | CVE-2007-3383 was published for org.apache.tomcat:tomcat (Maven) May 1, 2022

A vulnerability, which was classified as problematic, has been found in ZZZCMS 2.2.0. This issue...
Moderate | Unreviewed | CVE-2023-5582 was published Oct 14, 2023

matrix-react-sdk vulnerable to XSS in Export Chat feature
Moderate | CVE-2023-37259 was published for matrix-react-sdk (npm) Jul 18, 2023

Craft CMS stored XSS in indexedVolumes
Moderate | CVE-2023-33197 was published for craftcms/cms (Composer) May 26, 2023

Craft CMS stored XSS in review volume
Moderate | CVE-2023-33196 was published for craftcms/cms (Composer) May 26, 2023

Critters Cross-site Scripting Vulnerability
Moderate | CVE-2023-3481 was published for critters (npm) Aug 11, 2023

go package pydio cells vulnerable to cross-site scripting
Moderate | CVE-2023-2981 was published for github.com/pydio/cells (Go) May 30, 2023

HTML Injection in Keycloak Admin REST API
Moderate | CVE-2022-1274 was published for org.keycloak:keycloak-services (Maven) Mar 1, 2023

The Elementor Website Builder WordPress plugin before 3.5.5 does not filter out user-controlled...
Moderate | Unreviewed | CVE-2022-4953 was published Aug 14, 2023

A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Cisco...
Moderate | Unreviewed | CVE-2023-20222 was published Aug 17, 2023

A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow...
Moderate | Unreviewed | CVE-2023-20257 was published Jan 17, 2024

A vulnerability in web-based management interface of Cisco SPA500 Series Analog Telephone...
Moderate | Unreviewed | CVE-2023-20218 was published Aug 4, 2023