Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

508 advisories

Loading
Cross-site scripting in Liferay Portal Moderate
CVE-2023-33938 was published for com.liferay.portal:release.portal.bom (Maven) May 24, 2023
Cross-site scripting in Liferay Portal Moderate
CVE-2023-33939 was published for com.liferay.portal:release.portal.bom (Maven) May 24, 2023
Cross-site scripting in Liferay Portal Moderate
CVE-2023-33941 was published for com.liferay.portal:release.portal.bom (Maven) May 24, 2023
Cross-site scripting in Liferay Portal Moderate
CVE-2023-33942 was published for com.liferay.portal:release.portal.bom (Maven) May 24, 2023
Cross-site scripting in Liferay Portal Moderate
CVE-2023-33940 was published for com.liferay.portal:release.portal.bom (Maven) May 24, 2023
Cross-site scripting in Liferay Portal Moderate
CVE-2023-33943 was published for com.liferay.portal:release.portal.bom (Maven) May 24, 2023
alkacon-OpenCMS vulnerable to stored Cross-site Scripting Moderate
CVE-2023-31544 was published for org.opencms:opencms-core (Maven) May 16, 2023
Jenkins TestNG Results Plugin Stored Cross-site Scripting vulnerability Moderate
CVE-2023-32984 was published for org.jenkins-ci.plugins:testng-plugin (Maven) May 16, 2023
ONOS vulnerable to Cross-site Scripting Moderate
CVE-2023-30093 was published for org.onosproject:onos-archetypes (Maven) May 5, 2023
edoardottt
XWiki App Within Minutes app grants space admin rights that allows cross-site scripting Moderate
CVE-2023-29515 was published for org.xwiki.platform:xwiki-platform-appwithinminutes (Maven) Apr 20, 2023
org.xwiki.platform:xwiki-platform-security-authentication-default XSS with authenticate endpoints Moderate
CVE-2023-29506 was published for org.xwiki.platform:xwiki-platform-security-authentication-default (Maven) Apr 12, 2023
rekter0
XXL-JOB vulnerable to Cross-site Scripting Moderate
CVE-2023-26120 was published for com.xuxueli:xxl-job (Maven) Apr 10, 2023
Goobi viewer Core Reflected Cross-Site Scripting Vulnerability Using LOGID Parameter Moderate
CVE-2023-29014 was published for io.goobi.viewer:viewer-core (Maven) Apr 7, 2023
Goobi viewer Core has Cross-Site Scripting Vulnerability in User Comments Moderate
CVE-2023-29015 was published for io.goobi.viewer:viewer-core (Maven) Apr 7, 2023
Goobi viewer Core has Cross-Site Scripting Vulnerability in User Nicknames Moderate
CVE-2023-29016 was published for io.goobi.viewer:viewer-core (Maven) Apr 7, 2023
Apache Archiva vulnerable to privilege escalation via stored cross-site scripting (XSS) Moderate
CVE-2023-28158 was published for org.apache.archiva:archiva (Maven) Mar 29, 2023
ONOS vulnerable to reflected cross-site scripting Moderate
CVE-2023-24279 was published for org.onosproject:onos-archetypes (Maven) Mar 14, 2023
edoardottt
Cross site scripting vulnerability in update-center2 Moderate
CVE-2023-27905 was published for org.jenkins-ci:update-center2 (Maven) Mar 10, 2023
yakirk
HTML Injection in Keycloak Admin REST API Moderate
CVE-2022-1274 was published for org.keycloak:keycloak-services (Maven) Mar 1, 2023
Keycloak vulnerable to Cross-site Scripting Moderate
CVE-2022-1438 was published for org.keycloak:keycloak-services (Maven) Mar 1, 2023
Cross-site Scripting in Quarkus Moderate
CVE-2023-0044 was published for io.quarkus:quarkus-vertx-http (Maven) Feb 23, 2023
Cross Site Scripting in OpenNMS Moderate
CVE-2023-0869 was published for org.opennms:opennms-web-api (Maven) Feb 23, 2023
OpenNMS Meridian and Horizon vulnerable to Cross-site Scripting Moderate
CVE-2023-0867 was published for org.opennms:opennms (Maven) Feb 23, 2023
OpenNMS Meridian and Horizon vulnerable to Cross-site Scripting Moderate
CVE-2023-0868 was published for org.opennms:opennms-webapp (Maven) Feb 23, 2023
OpenNMS Horizon and Meridian vulnerable to Cross-site Scripting Moderate
CVE-2023-0846 was published for org.opennms:opennms (Maven) Feb 22, 2023
ProTip! Advisories are also available from the GraphQL API