GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,077
Erlang: 29
GitHub Actions: 19
Go: 1,903
Maven: 5,000+
npm: 3,632
NuGet: 638
pip: 3,249
Pub: 10
RubyGems: 864
Rust: 818
Swift: 35

Unreviewed advisories
All unreviewed: 5,000+
173 advisories
XWiki Platform Attachment UI vulnerable to cross-site scripting in the move attachment form
High: CVE-2022-36097 was published for org.xwiki.platform:xwiki-platform-attachment-ui (Maven), Sep 16, 2022

XWiki Platform Web Parent POM vulnerable to XSS in the attachment history
High: CVE-2022-36094 was published for org.xwiki.platform:xwiki-platform-web (Maven), Sep 16, 2022

HTML Injection in ActiveMQ Artemis Web Console
Moderate: CVE-2022-35278 was published for org.apache.activemq:artemis-server (Maven), Aug 24, 2022

A vulnerability has been identified in SCALANCE M-800 / S615 (All versions), SCALANCE SC-600...
Moderate (Unreviewed): CVE-2022-36325 was published Aug 11, 2022

A vulnerability was found in Itech Movie Portal Script 7.36. It has been rated as problematic....
Moderate (Unreviewed): CVE-2017-20140 was published Jul 23, 2022

A vulnerability was found in TrueConf Server 4.3.7. It has been rated as problematic. Affected by...
Moderate (Unreviewed): CVE-2017-20118 was published Jun 30, 2022

A vulnerability was found in TrueConf Server 4.3.7. It has been declared as problematic. Affected...
Moderate (Unreviewed): CVE-2017-20117 was published Jun 30, 2022

A vulnerability was found in TrueConf Server 4.3.7. It has been classified as problematic....
Moderate (Unreviewed): CVE-2017-20116 was published Jun 30, 2022

A vulnerability has been found in TrueConf Server 4.3.7 and classified as problematic. This...
Moderate (Unreviewed): CVE-2017-20114 was published Jun 30, 2022

A vulnerability was found in TrueConf Server 4.3.7 and classified as problematic. This issue...
Moderate (Unreviewed): CVE-2017-20115 was published Jun 30, 2022

A vulnerability, which was classified as problematic, was found in TrueConf Server 4.3.7. This...
Moderate (Unreviewed): CVE-2017-20113 was published Jun 30, 2022

A vulnerability, which was classified as problematic, has been found in Thomson TCW710 ST5D.10.05...
Moderate (Unreviewed): CVE-2018-25034 was published Jun 13, 2022

Cross Site Scripting vulnerability in django-jsonform's admin form.
High: GHSA-x9jp-4w8m-4f3c was published for django-jsonform (pip), Jun 10, 2022

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in WolfCMS up to 0.8.3.1. It has been...
Moderate (Unreviewed): CVE-2019-25070 was published Jun 10, 2022

Cross-site Scripting vulnerability in repository issue list in Gogs
Moderate: CVE-2022-31038 was published for gogs.io/gogs (Go), Jun 8, 2022

Cross-site Scripting in the Flamingo theme manager
High: CVE-2022-29251 was published for org.xwiki.platform:xwiki-platform-flamingo-theme-ui (Maven), May 25, 2022

The LearnPress WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient...
Moderate (Unreviewed): CVE-2021-39348 was published May 24, 2022

A stored XSS vulnerability has been reported to affect QNAP NAS running QuLog Center. If...
Moderate (Unreviewed): CVE-2020-36196 was published May 24, 2022

This issue affects: QNAP Systems Inc. Q'center versions prior to 1.11.1004.
Moderate (Unreviewed): CVE-2021-28803 was published May 24, 2022

A vulnerability in certain web pages of Cisco Webex Meetings could allow an unauthenticated,...
Moderate (Unreviewed): CVE-2021-1420 was published May 24, 2022

A vulnerability in the web-based interface of Cisco Webex Meetings could allow an unauthenticated...
Moderate (Unreviewed): CVE-2021-1351 was published May 24, 2022

A vulnerability has been identified in XHQ (All Versions < 6.1). The web interface could allow...
Moderate (Unreviewed): CVE-2019-19285 was published May 24, 2022

An issue was discovered in Roundcube Webmail before 1.3.12 and 1.4.x before 1.4.5. There is XSS...
Moderate (Unreviewed): CVE-2020-13965 was published May 24, 2022

A vulnerability has been identified in SCALANCE S602 (All versions >= V3.0), SCALANCE S612 (All...
Moderate (Unreviewed): CVE-2019-6585 was published May 24, 2022

A vulnerability has been identified in IE/WSN-PA Link WirelessHART Gateway (All versions). The...
Critical (Unreviewed): CVE-2019-13923 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API