Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,344
Erlang
31
GitHub Actions
22
Go
2,115
Maven
5,000+
npm
3,767
NuGet
680
pip
3,454
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

1,274 advisories

Loading
yetiforcecrm is vulnerable to Cross-site Scripting Moderate
CVE-2021-4107 was published for yetiforce/yetiforce-crm (Composer) Dec 16, 2021
Dolibarr Cross Site Scripting (XSS) vulnerability Moderate
CVE-2021-42220 was published for dolibarr/dolibarr (Composer) Dec 16, 2021
Cross site scripting in remdex/livehelperchat Moderate
CVE-2021-4050 was published for remdex/livehelperchat (Composer) Dec 10, 2021
Laravel Framework XSS in Blade templating engine Moderate
CVE-2021-43808 was published for illuminate/view (Composer) Dec 8, 2021
chinpei215
Cross-site Scripting in LibreNMS Moderate
CVE-2021-44279 was published for librenms/librenms (Composer) Dec 3, 2021
Cross-site Scripting in LibreNMS Moderate
CVE-2021-44277 was published for librenms/librenms (Composer) Dec 3, 2021
Cross-site Scripting in kimai2 Moderate
CVE-2021-3983 was published for kevinpapst/kimai2 (Composer) Dec 3, 2021
snipe-it is vulnerable to Cross-site Scripting Moderate
CVE-2021-4018 was published for snipe/snipe-it (Composer) Dec 3, 2021
XSS in richtext custom tag attributes in ezsystems/ezplatform-richtext Moderate
GHSA-fxwm-rx68-p5vx was published for ezsystems/ezplatform-richtext (Composer) Dec 1, 2021
tdunlap607
Cross-site Scripting in moodle Moderate
CVE-2021-43558 was published for moodle/moodle (Composer) Nov 23, 2021
Cross-site scripting (XSS) from image block content in the site frontend Moderate
CVE-2021-41258 was published for getkirby/cms (Composer) Nov 16, 2021
azrultech
Cross-site scripting (XSS) from writer field content in the site frontend Moderate
CVE-2021-41252 was published for getkirby/cms (Composer) Nov 16, 2021
azrultech
Cross-site Scripting in pegasus/google-for-jobs Moderate
CVE-2021-43561 was published for pegasus/google-for-jobs (Composer) Nov 15, 2021
Cross-site Scripting in LibreNMS Moderate
CVE-2021-43324 was published for librenms/librenms (Composer) Nov 8, 2021
Cross-site scripting vulnerability in TinyMCE plugins Moderate
CVE-2024-21910 was published for TinyMCE (Composer) Nov 2, 2021
Cross-Site Scripting in grav Moderate
CVE-2021-3904 was published for getgrav/grav (Composer) Nov 1, 2021
Authenticated Stored XSS in shopware/shopware Moderate
CVE-2021-41188 was published for shopware/shopware (Composer) Oct 27, 2021
Cross Site Scripting in Microweber Moderate
CVE-2021-33988 was published for microweber/microweber (Composer) Oct 25, 2021
Cross-site scripting in forkcms Moderate
CVE-2020-23049 was published for forkcms/forkcms (Composer) Oct 25, 2021
Cross-site scripting vulnerability in TinyMCE Moderate
CVE-2024-21908 was published for TinyMCE (Composer) Oct 22, 2021
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) in sulu/sulu Moderate
CVE-2021-41169 was published for sulu/sulu (Composer) Oct 22, 2021
Cross-site Scripting in snipe-it Moderate
CVE-2021-3863 was published for snipe/snipe-it (Composer) Oct 21, 2021
Cross-site Scripting in snipe-it Moderate
CVE-2021-3879 was published for snipe/snipe-it (Composer) Oct 21, 2021
Cross-site Scripting in SilverStripe Framework Moderate
CVE-2021-36150 was published for silverstripe/admin (Composer) Oct 12, 2021
Cross-site Scripting in Limesurvey Moderate
CVE-2021-42112 was published for limesurvey/limesurvey (Composer) Oct 12, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database