GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
27,837 advisories
Filter by severity
Nagios XI before v5.8.7 was discovered to contain multiple cross-site scripting (XSS)...
Moderate
Unreviewed
CVE-2022-38248
was published
Sep 8, 2022
Nagios XI v5.8.6 was discovered to contain a cross-site scripting (XSS) vulnerability via the MTR...
Moderate
Unreviewed
CVE-2022-38249
was published
Sep 8, 2022
Nagios XI v5.8.6 was discovered to contain a cross-site scripting (XSS) vulnerability via the...
Moderate
Unreviewed
CVE-2022-38251
was published
Sep 8, 2022
Nagios XI v5.8.6 was discovered to contain a cross-site scripting (XSS) vulnerability via the...
Moderate
Unreviewed
CVE-2022-38247
was published
Sep 8, 2022
Nagios XI before v5.8.7 was discovered to contain a cross-site scripting (XSS) vulnerability via...
Moderate
Unreviewed
CVE-2022-38254
was published
Sep 8, 2022
An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiOS...
Moderate
Unreviewed
CVE-2021-43080
was published
Sep 7, 2022
An improper neutralization of input during web page generation vulnerability [CWE-79] in the...
Moderate
Unreviewed
CVE-2022-26114
was published
Sep 7, 2022
The Visual Composer Website Builder plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate
Unreviewed
CVE-2022-2430
was published
Sep 7, 2022
The Image Hover Effects Ultimate plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate
Unreviewed
CVE-2022-2935
was published
Sep 7, 2022
The Simple SEO plugin for WordPress is vulnerable to attribute-based stored Cross-Site Scripting...
Moderate
Unreviewed
CVE-2022-1628
was published
Sep 7, 2022
The Beaver Builder – WordPress Page Builder for WordPress is vulnerable to Stored Cross-Site...
Moderate
Unreviewed
CVE-2022-2517
was published
Sep 7, 2022
The Image Hover Effects Ultimate plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate
Unreviewed
CVE-2022-2936
was published
Sep 7, 2022
The Beaver Builder – WordPress Page Builder for WordPress is vulnerable to Stored Cross-Site...
Moderate
Unreviewed
CVE-2022-2716
was published
Sep 7, 2022
The Beaver Builder – WordPress Page Builder for WordPress is vulnerable to Stored Cross-Site...
Moderate
Unreviewed
CVE-2022-2934
was published
Sep 7, 2022
The Beaver Builder – WordPress Page Builder for WordPress is vulnerable to Stored Cross-Site...
Moderate
Unreviewed
CVE-2022-2695
was published
Sep 7, 2022
The Visual Composer Website Builder plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate
Unreviewed
CVE-2022-2516
was published
Sep 7, 2022
The Simple Banner plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ...
Moderate
Unreviewed
CVE-2022-2515
was published
Sep 7, 2022
The WP-UserOnline plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ...
Moderate
Unreviewed
CVE-2022-2473
was published
Sep 7, 2022
The WP-UserOnline plugin for WordPress has multiple Stored Cross-Site Scripting vulnerabilities...
Moderate
Unreviewed
CVE-2022-2941
was published
Sep 7, 2022
Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in MyThemeShop Launcher:...
Moderate
Unreviewed
CVE-2021-36829
was published
Sep 7, 2022
Authenticated (admin+) Cross-Site Scripting (XSS) vulnerability in wpdevart Poll, Survey,...
Moderate
Unreviewed
CVE-2022-34656
was published
Sep 7, 2022
A stored cross-site scripting (XSS) vulnerability exists in the management web interface of...
Moderate
Unreviewed
CVE-2022-31792
was published
Sep 7, 2022
Persistent cross-site scripting (XSS) in Crime Reporting System 1.0 allows a remote attacker to...
Moderate
Unreviewed
CVE-2022-37253
was published
Sep 7, 2022
Server-side JavaScript injection in Appsmith through 1.7.14 allows remote attackers to execute...
High
Unreviewed
CVE-2022-39824
was published
Sep 6, 2022
Cross-site Scripting (XSS) - Reflected in GitHub repository splitbrain/dokuwiki prior to 2022-07...
Moderate
Unreviewed
CVE-2022-3123
was published
Sep 6, 2022
ProTip!
Advisories are also available from the
GraphQL API