GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
87 advisories
Filter by severity
Cross-site scripting in SimpleSAMLphp
Low
CVE-2020-5226
was published
for
simplesamlphp/simplesamlphp
(Composer)
Jan 24, 2020
Cross-site Scripting in October
Low
CVE-2020-4061
was published
for
october/backend
(Composer)
Jul 2, 2020
Cross Site Scripting and RCE in baserCMS
Low
CVE-2020-15159
was published
for
baserproject/basercms
(Composer)
Aug 28, 2020
Cross Site Scripting in baserCMS
Low
CVE-2020-15154
was published
for
baserproject/basercms
(Composer)
Aug 28, 2020
Persistent XSS in customer module in Shopware
Low
GHSA-6gv9-7q4g-pmvm
was published
for
shopware/shopware
(Composer)
Nov 13, 2020
Edit feed settings and others, Cross Site Scripting(XSS) Vulnerability in Latest Release 4.4.0
Low
CVE-2020-15273
was published
for
baserproject/basercms
(Composer)
Nov 4, 2020
Cross Site Scripting(XSS) Vulnerability in Latest Release 4.3.6 Site basic settings
Low
CVE-2020-15155
was published
for
baserproject/basercms
(Composer)
Aug 28, 2020
Persistent XSS in newsletter module in Shopware
Low
GHSA-hrfh-fp4x-crrq
was published
for
shopware/shopware
(Composer)
Nov 13, 2020
Non-persistent XSS in the Storefront in Shopware
Low
GHSA-qvhr-55hg-3qwv
was published
for
shopware/core
(Composer)
Sep 23, 2020
Persistent XSS in shopping worlds
Low
GHSA-28fw-88hq-6jmm
was published
for
shopware/shopware
(Composer)
Nov 13, 2020
Blog comment posting, Cross Site Scripting(XSS) Vulnerability in Latest Release 4.4.0
Low
CVE-2020-15276
was published
for
baserproject/basercms
(Composer)
Oct 30, 2020
Stored XSS by authenticated backend user with access to upload files
Low
CVE-2020-15249
was published
for
october/backend
(Composer)
Nov 23, 2020
Cross site scripting in Concrete CMS
Low
CVE-2022-30120
was published
for
concrete5/core
(Composer)
Jun 25, 2022
Croos-site scripting in Croogo
Low
CVE-2019-20789
was published
for
croogo/croogo
(Composer)
Jun 22, 2021
phpMyAdmin cross-site scripting vulnerability in crafted view name
Low
CVE-2014-5274
was published
for
phpmyadmin/phpmyadmin
(Composer)
May 14, 2022
phpMyAdmin cross-site scripting Vulnerability in Table or Column Names
Low
CVE-2014-4986
was published
for
phpmyadmin/phpmyadmin
(Composer)
May 17, 2022
phpMyAdmin cross-site scripting Vulnerability via ENUM value
Low
CVE-2014-7217
was published
for
phpmyadmin/phpmyadmin
(Composer)
May 17, 2022
TYPO3 Cross-site scripting (XSS) vulnerability in the Extbase Framework
Low
CVE-2013-7078
was published
for
typo3/cms-core
(Composer)
May 17, 2022
TYPO3 Cross-Site Scripting (XSS) vulnerabilities in Content Editing Wizards component
Low
CVE-2013-7074
was published
for
typo3/cms
(Composer)
May 17, 2022
phpMyAdmin Cross-site scripting (XSS) vulnerability via pageNumber value
Low
CVE-2013-5002
was published
for
phpmyadmin/phpmyadmin
(Composer)
May 17, 2022
phpMyAdmin multiple cross-site scripting vulnerabilities
Low
CVE-2012-5339
was published
for
phpmyadmin/phpmyadmin
(Composer)
May 17, 2022
phpMyAdmin Multiple Cross-site Scripting Vulnerabilities in the Database Structure page
Low
CVE-2012-4345
was published
for
phpmyadmin/phpmyadmin
(Composer)
May 17, 2022
phpMyAdmin Multiple XSS Vulnerabilities
Low
CVE-2012-4579
was published
for
phpmyadmin/phpmyadmin
(Composer)
May 17, 2022
Typo3 Backend XSS Vulnerabilities
Low
CVE-2012-1606
was published
for
typo3/cms
(Composer)
May 17, 2022
ProTip!
Advisories are also available from the
GraphQL API