GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories (All reviewed: 5,000+): Composer 4,354; Erlang 31; GitHub Actions 22; Go 2,120; Maven 5,000+; npm 3,779; NuGet 681; pip 3,460; Pub 12; RubyGems 892; Rust 888; Swift 38
Unreviewed advisories (All unreviewed: 5,000+)
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
194 advisories
Cross Site Scripting vulnerability in Zimbra ZCS v.8.8.15 allows a remote authenticated attacker...
Critical, Unreviewed, CVE-2023-34192 was published Jul 6, 2023

Cross Site Scripting (XSS) vulnerability in username field in /src/chatbotapp/LoginServlet.java...
Critical, Unreviewed, CVE-2023-30319 was published Jul 6, 2023

Cross Site Scripting (XSS) vulnerability in textMessage field in /src/chatbotapp/LoginServlet...
Critical, Unreviewed, CVE-2023-30321 was published Jul 6, 2023

Cross Site Scripting (XSS) vulnerability in textMessage field in /src/chatbotapp/chatWindow.java...
Critical, Unreviewed, CVE-2023-30320 was published Jul 6, 2023

An issue was discovered in Comcast Defined Technologies microeisbss through 2021. An attacker can...
Critical, Unreviewed, CVE-2022-45938 was published Jun 2, 2023

An issue was discovered in Faronics Insight 10.0.19045 on Windows. It is possible for an attacker...
Critical, Unreviewed, CVE-2023-28347 was published May 31, 2023

XSS vulnerability from InstantPlay in Galaxy Store prior to version 4.5.49.8 allows attackers to...
Critical, Unreviewed, CVE-2023-21516 was published May 27, 2023

Cross Site Scripting (XSS) in the edit user form in Microworld Technologies eScan management...
Critical, Unreviewed, CVE-2023-31703 was published May 17, 2023

An improper neutralization of input during web page generation ('Cross-site Scripting')...
Critical, Unreviewed, CVE-2023-22637 was published May 4, 2023

Cross Site Scripting vulnerability found in Netgate pfSense 2.4.4 and ACME package v.0.6.3 allows...
Critical, Unreviewed, CVE-2020-21487 was published Apr 4, 2023

The web configuration service of the affected device contains an authenticated command injection...
Critical, Unreviewed, CVE-2023-0432 was published Mar 31, 2023

Cobalt Strike 4.7.1 fails to properly escape HTML tags when they are displayed on Swing...
Critical, Unreviewed, CVE-2022-42948 was published Mar 24, 2023

Cross Site Scripting vulnerability found in Markdown Edit allows a remote attacker to execute...
Critical, Unreviewed, CVE-2020-19947 was published Mar 16, 2023

Cross Site Scripting Vulnerability in Wyomind Help Desk Magento 2 extension v.1.3.6 and before...
Critical, Unreviewed, CVE-2021-33351 was published Mar 9, 2023

Cross Site Scripting Vulnerability in MiniCMS v.1.10 allows attacker to execute arbitrary code...
Critical, Unreviewed, CVE-2021-33387 was published Feb 24, 2023

Countly, a product analytics solution, is vulnerable to cross-site scripting prior to version 21...
Critical, Unreviewed, CVE-2021-32852 was published Feb 21, 2023

**UNSUPPORTED WHEN ASSIGNED** Cross Site Scripting (XSS) in HP Deskjet 2540 series printer...
Critical, Unreviewed, CVE-2022-48311 was published Feb 6, 2023

** UNSUPPORTED WHEN ASSIGNED ** Cross Site Scripting (XSS) vulnerability in Teradek Slice 1st...
Critical, Unreviewed, CVE-2021-37373 was published Feb 3, 2023

Baicells Nova 227, Nova 233, and Nova 243 LTE TDD eNodeB devices with firmware through RTS/RTD 3...
Critical, Unreviewed, CVE-2023-24508 was published Jan 26, 2023

Caret is vulnerable to an XSS attack when the user opens a crafted Markdown file when preview...
Critical, Unreviewed, CVE-2022-42967 was published Jan 11, 2023

Multiple XSS issues were discovered in Sage Enterprise Intelligence 2021 R1.1 that allow an...
Critical, Unreviewed, CVE-2022-34322 was published Jan 1, 2023

Cross Site Scripting (XSS) vulnerability in Things Board 3.4.1 allows remote attackers to...
Critical, Unreviewed, CVE-2022-40004 was published Dec 16, 2022

A reflected cross-site scripting (XSS) vulnerability in Proxmox Virtual Environment prior to v7.2...
Critical, Unreviewed, CVE-2022-31358 was published Dec 14, 2022

A vulnerability has been found in LinZhaoguan pb-cms 2.0 and classified as problematic. Affected...
Critical, Unreviewed, CVE-2022-4353 was published Dec 8, 2022

A vulnerability was found in LinZhaoguan pb-cms 2.0 and classified as problematic. Affected by...
Critical, Unreviewed, CVE-2022-4354 was published Dec 8, 2022

ProTip! Advisories are also available from the GraphQL API.