Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
29
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,681
NuGet
650
pip
3,298
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+

28,483 advisories

Loading
Certain Liferay products are vulnerable to Cross Site Scripting (XSS) via the Commerce module.... Moderate Unreviewed
CVE-2022-42119 was published Nov 15, 2022
In Tenda (Shenzhen Tenda Technology Co., Ltd) AC1200 Router model W15Ev2 V15.11.0.10(1576), a... Moderate Unreviewed
CVE-2022-40844 was published Nov 15, 2022
In Tenda AC1200 Router model W15Ev2 V15.11.0.10(1576), a Stored Cross Site Scripting (XSS)... Moderate Unreviewed
CVE-2022-40846 was published Nov 15, 2022
The WPB Show Core WordPress plugin through TODO does not sanitise and escape a parameter before... Moderate Unreviewed
CVE-2022-3484 was published Nov 14, 2022
The WP Attachments WordPress plugin before 5.0.5 does not sanitize and escapes some of its... Moderate Unreviewed
CVE-2022-3469 was published Nov 14, 2022
A vulnerability classified as problematic was found in SourceCodester Sanitization Management... Moderate Unreviewed
CVE-2022-3992 was published Nov 14, 2022
A stored cross-site scripting (XSS) vulnerability in the Add function of Eramba GRC Software c2.8... Moderate Unreviewed
CVE-2022-43342 was published Nov 14, 2022
The ProfileGrid WordPress plugin before 5.1.1 does not sanitise and escape a parameter before... Moderate Unreviewed
CVE-2022-3578 was published Nov 14, 2022
The Chat Bubble WordPress plugin before 2.3 does not sanitise and escape some contact parameters,... Moderate Unreviewed
CVE-2022-3415 was published Nov 14, 2022
The OAuth Client by DigitialPixies WordPress plugin through 1.1.0 does not sanitize and escapes... Moderate Unreviewed
CVE-2022-3631 was published Nov 14, 2022
The Testimonials WordPress plugin before 2.7, super-testimonial-pro WordPress plugin before 1.0.8... Moderate Unreviewed
CVE-2022-3539 was published Nov 14, 2022
OP5 Monitor 8.3.1, 8.3.2, and OP5 8.3.3 are vulnerable to Cross Site Scripting (XSS). Moderate Unreviewed
CVE-2021-40272 was published Nov 14, 2022
A vulnerability was found in Frappe. It has been rated as problematic. Affected by this issue is... Moderate Unreviewed
CVE-2022-3988 was published Nov 14, 2022
A vulnerability was found in gnuboard5. It has been classified as problematic. Affected is an... Moderate Unreviewed
CVE-2022-3963 was published Nov 13, 2022
A vulnerability has been found in emlog and classified as problematic. Affected by this... Moderate Unreviewed
CVE-2022-3968 was published Nov 13, 2022
NukeView CMS vulnerable to Cross-site Scripting Moderate
CVE-2022-3975 was published for nukeviet/nukeviet (Composer) Nov 13, 2022
IBM WebSphere Application Server 8.5, and 9.0 is vulnerable to cross-site scripting. This... Moderate Unreviewed
CVE-2022-40750 was published Nov 12, 2022
IBM Cloud Pak for Security (CP4S) 1.10.0.0 79and 1.10.2.0 is vulnerable to cross-site scripting.... Moderate Unreviewed
CVE-2022-36776 was published Nov 12, 2022
A vulnerability, which was classified as problematic, was found in sanluan PublicCMS. Affected is... Moderate Unreviewed
CVE-2022-3950 was published Nov 11, 2022
A vulnerability, which was classified as problematic, has been found in Sourcecodester Simple... Moderate Unreviewed
CVE-2022-3949 was published Nov 11, 2022
Cross-site scripting in the Intel(R) EMA software before version 1.8.0 may allow a privileged... High Unreviewed
CVE-2022-30297 was published Nov 11, 2022
An issue was discovered in BMC Remedy before 22.1. Email-based Incident Forwarding allows remote... Moderate Unreviewed
CVE-2022-26088 was published Nov 11, 2022
dotCMS before 22.06 allows remote attackers to bypass intended access control and obtain... Moderate Unreviewed
CVE-2022-35740 was published Nov 11, 2022
Broken Access Control vulnerability leading to Stored Cross-Site Scripting (XSS) in Traffic... Moderate Unreviewed
CVE-2022-42460 was published Nov 11, 2022
A vulnerability was found in SourceCodester Sanitization Management System and classified as... Moderate Unreviewed
CVE-2022-3942 was published Nov 11, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database