GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,134
Erlang: 29
GitHub Actions: 19
Go: 1,941
Maven: 5,000+
npm: 3,681
NuGet: 650
pip: 3,298
Pub: 11
RubyGems: 877
Rust: 830
Swift: 35

Unreviewed advisories
All unreviewed: 5,000+
28,483 advisories
Certain Liferay products are vulnerable to Cross Site Scripting (XSS) via the Commerce module....
Moderate | Unreviewed | CVE-2022-42119 was published Nov 15, 2022

In Tenda (Shenzhen Tenda Technology Co., Ltd) AC1200 Router model W15Ev2 V15.11.0.10(1576), a...
Moderate | Unreviewed | CVE-2022-40844 was published Nov 15, 2022

In Tenda AC1200 Router model W15Ev2 V15.11.0.10(1576), a Stored Cross Site Scripting (XSS)...
Moderate | Unreviewed | CVE-2022-40846 was published Nov 15, 2022

The WPB Show Core WordPress plugin through TODO does not sanitise and escape a parameter before...
Moderate | Unreviewed | CVE-2022-3484 was published Nov 14, 2022

The WP Attachments WordPress plugin before 5.0.5 does not sanitize and escapes some of its...
Moderate | Unreviewed | CVE-2022-3469 was published Nov 14, 2022

A vulnerability classified as problematic was found in SourceCodester Sanitization Management...
Moderate | Unreviewed | CVE-2022-3992 was published Nov 14, 2022

A stored cross-site scripting (XSS) vulnerability in the Add function of Eramba GRC Software c2.8...
Moderate | Unreviewed | CVE-2022-43342 was published Nov 14, 2022

The ProfileGrid WordPress plugin before 5.1.1 does not sanitise and escape a parameter before...
Moderate | Unreviewed | CVE-2022-3578 was published Nov 14, 2022

The Chat Bubble WordPress plugin before 2.3 does not sanitise and escape some contact parameters,...
Moderate | Unreviewed | CVE-2022-3415 was published Nov 14, 2022

The OAuth Client by DigitialPixies WordPress plugin through 1.1.0 does not sanitize and escapes...
Moderate | Unreviewed | CVE-2022-3631 was published Nov 14, 2022

The Testimonials WordPress plugin before 2.7, super-testimonial-pro WordPress plugin before 1.0.8...
Moderate | Unreviewed | CVE-2022-3539 was published Nov 14, 2022

OP5 Monitor 8.3.1, 8.3.2, and OP5 8.3.3 are vulnerable to Cross Site Scripting (XSS).
Moderate | Unreviewed | CVE-2021-40272 was published Nov 14, 2022

A vulnerability was found in Frappe. It has been rated as problematic. Affected by this issue is...
Moderate | Unreviewed | CVE-2022-3988 was published Nov 14, 2022

A vulnerability was found in gnuboard5. It has been classified as problematic. Affected is an...
Moderate | Unreviewed | CVE-2022-3963 was published Nov 13, 2022

A vulnerability has been found in emlog and classified as problematic. Affected by this...
Moderate | Unreviewed | CVE-2022-3968 was published Nov 13, 2022

NukeView CMS vulnerable to Cross-site Scripting
Moderate | CVE-2022-3975 was published for nukeviet/nukeviet (Composer) Nov 13, 2022

IBM WebSphere Application Server 8.5, and 9.0 is vulnerable to cross-site scripting. This...
Moderate | Unreviewed | CVE-2022-40750 was published Nov 12, 2022

IBM Cloud Pak for Security (CP4S) 1.10.0.0 79and 1.10.2.0 is vulnerable to cross-site scripting....
Moderate | Unreviewed | CVE-2022-36776 was published Nov 12, 2022

A vulnerability, which was classified as problematic, was found in sanluan PublicCMS. Affected is...
Moderate | Unreviewed | CVE-2022-3950 was published Nov 11, 2022

A vulnerability, which was classified as problematic, has been found in Sourcecodester Simple...
Moderate | Unreviewed | CVE-2022-3949 was published Nov 11, 2022

Cross-site scripting in the Intel(R) EMA software before version 1.8.0 may allow a privileged...
High | Unreviewed | CVE-2022-30297 was published Nov 11, 2022

An issue was discovered in BMC Remedy before 22.1. Email-based Incident Forwarding allows remote...
Moderate | Unreviewed | CVE-2022-26088 was published Nov 11, 2022

dotCMS before 22.06 allows remote attackers to bypass intended access control and obtain...
Moderate | Unreviewed | CVE-2022-35740 was published Nov 11, 2022

Broken Access Control vulnerability leading to Stored Cross-Site Scripting (XSS) in Traffic...
Moderate | Unreviewed | CVE-2022-42460 was published Nov 11, 2022

A vulnerability was found in SourceCodester Sanitization Management System and classified as...
Moderate | Unreviewed | CVE-2022-3942 was published Nov 11, 2022

ProTip! Advisories are also available from the GraphQL API