GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,099
Composer 4,077
Erlang 29
GitHub Actions 19
Go 1,903
Maven 5,100
npm 3,632
NuGet 638
pip 3,249
Pub 10
RubyGems 864
Rust 818
Swift 35

Unreviewed advisories

All unreviewed 228,473

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

24,608 advisories

Filter by severity

Sort by

Least recently updated

Cross-site scripting in Zimbra Moderate Unreviewed

CVE-2020-11737 was published May 25, 2021

SmarterTools SmarterMail 16.x through 100.x before 100.0.7803 allows XSS. Moderate Unreviewed

CVE-2021-43977 was published Nov 17, 2021

Authenticated Persistent Cross-Site Scripting (XSS) vulnerability discovered in WordPress Backup... Moderate Unreviewed

CVE-2021-36884 was published Nov 20, 2021

The "WPO365 | LOGIN" WordPress plugin (up to and including version 15.3) by wpo365.com is... Moderate Unreviewed

CVE-2021-43409 was published Nov 20, 2021

The Preview E-Mails for WooCommerce WordPress plugin is vulnerable to Reflected Cross-Site... Moderate Unreviewed

CVE-2021-42363 was published Nov 20, 2021

A vulnerability in the web-based management interface of Cisco Common Services Platform Collector... Moderate Unreviewed

CVE-2021-40131 was published Nov 20, 2021

OX App Suite 7.10.5 allows XSS via an OX Chat system message. Moderate Unreviewed

CVE-2021-33495 was published Nov 23, 2021

OX App Suite through 7.10.5 allows XSS via the alt attribute of an IMG element in a truncated e... Moderate Unreviewed

CVE-2021-38375 was published Nov 23, 2021

OX App Suite through 7.10.5 allows XSS via JavaScript code in an anchor HTML comment within... Moderate Unreviewed

CVE-2021-38377 was published Nov 23, 2021

OX App Suite 7.10.5 allows XSS via an OX Chat room title during typing rendering. Moderate Unreviewed

CVE-2021-33494 was published Nov 23, 2021

OX App Suite through 7.10.5 allows XSS via JavaScript code in a shared XCF file. Moderate Unreviewed

CVE-2021-33489 was published Nov 23, 2021

OX App Suite through 7.10.5 allows XSS via a crafted snippet in a shared mail signature. Moderate Unreviewed

CVE-2021-33490 was published Nov 23, 2021

Insufficient data validation in New Tab Page in Google Chrome prior to 95.0.4638.69 allowed a... Moderate Unreviewed

CVE-2021-37999 was published Nov 24, 2021

A Reflected Cross-Site Scripting vulnerability in McAfee Policy Auditor prior to 6.5.2 allows a... Moderate Unreviewed

CVE-2021-31852 was published Nov 24, 2021

The eCommerce Product Catalog Plugin for WordPress plugin before 3.0.39 does not escape the ic... Moderate Unreviewed

CVE-2021-24875 was published Nov 24, 2021

The Logo Showcase with Slick Slider WordPress plugin before 1.2.4 does not sanitise the Grid... Moderate Unreviewed

CVE-2021-24729 was published Nov 24, 2021

The BetterLinks WordPress plugin before 1.2.6 does not sanitise and escape some of imported link... Moderate Unreviewed

CVE-2021-24812 was published Nov 24, 2021

The Advanced Access Manager WordPress plugin before 6.8.0 does not escape some of its settings... Moderate Unreviewed

CVE-2021-24830 was published Nov 24, 2021

Cross-site scripting vulnerability in Booking Package - Appointment Booking Calendar System... Moderate Unreviewed

CVE-2021-20840 was published Nov 25, 2021

Multiple Authenticated Reflected Cross-Site Scripting (XSS) vulnerabilities in WordPress Awesome... Moderate Unreviewed

CVE-2021-36919 was published Nov 27, 2021

Authenticated Stored Cross-Site Scripting (XSS) vulnerability discovered in WordPress Floating... Moderate Unreviewed

CVE-2021-36843 was published Nov 27, 2021

Stored cross-site scripting (XSS) was possible in protection plan details. The following products... Moderate Unreviewed

CVE-2021-44203 was published Nov 30, 2021

Stored cross-site scripting (XSS) was possible in activity details. The following products are... Moderate Unreviewed

CVE-2021-44202 was published Nov 30, 2021

Cross-site scripting (XSS) was possible in notification pop-ups. The following products are... Moderate Unreviewed

CVE-2021-44201 was published Nov 30, 2021

Self cross-site scripting (XSS) was possible on devices page. The following products are affected... Moderate Unreviewed

CVE-2021-44200 was published Nov 30, 2021

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

24,608 advisories