Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

27,837 advisories

Loading
Nagios XI before v5.8.7 was discovered to contain multiple cross-site scripting (XSS)... Moderate Unreviewed
CVE-2022-38248 was published Sep 8, 2022
Nagios XI v5.8.6 was discovered to contain a cross-site scripting (XSS) vulnerability via the MTR... Moderate Unreviewed
CVE-2022-38249 was published Sep 8, 2022
Nagios XI v5.8.6 was discovered to contain a cross-site scripting (XSS) vulnerability via the... Moderate Unreviewed
CVE-2022-38251 was published Sep 8, 2022
Nagios XI v5.8.6 was discovered to contain a cross-site scripting (XSS) vulnerability via the... Moderate Unreviewed
CVE-2022-38247 was published Sep 8, 2022
Nagios XI before v5.8.7 was discovered to contain a cross-site scripting (XSS) vulnerability via... Moderate Unreviewed
CVE-2022-38254 was published Sep 8, 2022
An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiOS... Moderate Unreviewed
CVE-2021-43080 was published Sep 7, 2022
An improper neutralization of input during web page generation vulnerability [CWE-79] in the... Moderate Unreviewed
CVE-2022-26114 was published Sep 7, 2022
The Visual Composer Website Builder plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2022-2430 was published Sep 7, 2022
The Image Hover Effects Ultimate plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2022-2935 was published Sep 7, 2022
The Simple SEO plugin for WordPress is vulnerable to attribute-based stored Cross-Site Scripting... Moderate Unreviewed
CVE-2022-1628 was published Sep 7, 2022
The Beaver Builder – WordPress Page Builder for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2022-2517 was published Sep 7, 2022
The Image Hover Effects Ultimate plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2022-2936 was published Sep 7, 2022
The Beaver Builder – WordPress Page Builder for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2022-2716 was published Sep 7, 2022
The Beaver Builder – WordPress Page Builder for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2022-2934 was published Sep 7, 2022
The Beaver Builder – WordPress Page Builder for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2022-2695 was published Sep 7, 2022
The Visual Composer Website Builder plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2022-2516 was published Sep 7, 2022
The Simple Banner plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed
CVE-2022-2515 was published Sep 7, 2022
The WP-UserOnline plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed
CVE-2022-2473 was published Sep 7, 2022
The WP-UserOnline plugin for WordPress has multiple Stored Cross-Site Scripting vulnerabilities... Moderate Unreviewed
CVE-2022-2941 was published Sep 7, 2022
Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in MyThemeShop Launcher:... Moderate Unreviewed
CVE-2021-36829 was published Sep 7, 2022
Authenticated (admin+) Cross-Site Scripting (XSS) vulnerability in wpdevart Poll, Survey,... Moderate Unreviewed
CVE-2022-34656 was published Sep 7, 2022
A stored cross-site scripting (XSS) vulnerability exists in the management web interface of... Moderate Unreviewed
CVE-2022-31792 was published Sep 7, 2022
Persistent cross-site scripting (XSS) in Crime Reporting System 1.0 allows a remote attacker to... Moderate Unreviewed
CVE-2022-37253 was published Sep 7, 2022
Server-side JavaScript injection in Appsmith through 1.7.14 allows remote attackers to execute... High Unreviewed
CVE-2022-39824 was published Sep 6, 2022
Cross-site Scripting (XSS) - Reflected in GitHub repository splitbrain/dokuwiki prior to 2022-07... Moderate Unreviewed
CVE-2022-3123 was published Sep 6, 2022
ProTip! Advisories are also available from the GraphQL API