GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,726
Maven: 5,000+
npm: 4,331
NuGet: 763
pip: 4,107
Pub: 12
RubyGems: 960
Rust: 1,068
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
240 advisories
ILIAS 7.25 (2023-09-12) allows any authenticated user to execute arbitrary operating system...
Critical | Unreviewed | CVE-2023-45869 was published Oct 26, 2023
Interway a.s WebJET CMS 8.6.896 is vulnerable to Cross Site Scripting (XSS).
Critical | Unreviewed | CVE-2022-37830 was published Oct 19, 2023
A vulnerability has been identified in SINEMA Server V14 (All versions). The affected application...
Critical | Unreviewed | CVE-2023-35796 was published Oct 10, 2023
The Web Client component of TIBCO Software Inc.'s TIBCO Nimbus contains easily exploitable...
Critical | Unreviewed | CVE-2023-26218 was published Sep 29, 2023
Docker Desktop before 4.12.0 is vulnerable to RCE via a crafted extension description or...
Critical | Unreviewed | CVE-2023-0625 was published Sep 25, 2023
Plesk 17.0 through 18.0.31 version, is vulnerable to a Cross-Site Scripting. A malicious...
Critical | Unreviewed | CVE-2023-0829 was published Sep 20, 2023
A cross-site scripting (XSS) vulnerability in FileBrowser before v2.23.0 allows an authenticated...
Critical | Unreviewed | CVE-2023-39612 was published Sep 16, 2023
IBM Security Guardium Data Encryption (IBM Guardium Cloud Key Manager (GCKM) 1.10.3)) could allow...
Critical | Unreviewed | CVE-2023-26270 was published Aug 28, 2023
DOM-based XSS in src/muya/lib/contentState/pasteCtrl.js in MarkText 0.17.1 and before on Windows,...
Critical | Unreviewed | CVE-2023-2318 was published Aug 19, 2023
DOM-based XSS in updater/update.html in Typora before 1.6.7 on Windows and Linux allows a crafted...
Critical | Unreviewed | CVE-2023-2317 was published Aug 19, 2023
Cross-site scripting (XSS) for the Intel(R) DSA software before version 23.1.9 may allow...
Critical | Unreviewed | CVE-2023-27515 was published Aug 11, 2023
Cross-site Scripting (XSS) in some Intel(R) Manageability Commander software before version 2.3...
Critical | Unreviewed | CVE-2022-29887 was published Aug 11, 2023
/ui/cron/item/open in the Cron component of OPNsense before 23.7 allows XSS.
Critical | Unreviewed | CVE-2023-39007 was published Aug 9, 2023
In PHOENIX CONTACTs TC ROUTER and TC CLOUD CLIENT in versions prior to 2.07.2 as well as CLOUD...
Critical | Unreviewed | CVE-2023-3526 was published Aug 8, 2023
Cross Site Scripting vulnerability in Xoops CMS v.2.5.10 allows a remote attacker to execute...
Critical | Unreviewed | CVE-2023-36217 was published Aug 3, 2023
Cross-site Scripting (XSS) - Reflected in GitHub repository jgraph/drawio prior to 21.6.3.
Critical | Unreviewed | CVE-2023-3973 was published Jul 27, 2023
Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2...
Critical | Unreviewed | CVE-2022-46733 was published Jul 6, 2023
SAUTER Controls moduWeb firmware version 2.7.1 is vulnerable to reflective cross-site scripting ...
Critical | Unreviewed | CVE-2022-40190 was published Jul 6, 2023
Cross Site Scripting (XSS) vulnerability in textMessage field in /src/chatbotapp/chatWindow.java...
Critical | Unreviewed | CVE-2023-30320 was published Jul 6, 2023
Cross Site Scripting (XSS) vulnerability in username field in /src/chatbotapp/LoginServlet.java...
Critical | Unreviewed | CVE-2023-30319 was published Jul 6, 2023
Cross Site Scripting (XSS) vulnerability in textMessage field in /src/chatbotapp/LoginServlet...
Critical | Unreviewed | CVE-2023-30321 was published Jul 6, 2023
Cross Site Scripting vulnerability in Zimbra ZCS v.8.8.15 allows a remote authenticated attacker...
Critical | Unreviewed | CVE-2023-34192 was published Jul 6, 2023
An issue was discovered in Comcast Defined Technologies microeisbss through 2021. An attacker can...
Critical | Unreviewed | CVE-2022-45938 was published Jun 2, 2023
An issue was discovered in Faronics Insight 10.0.19045 on Windows. It is possible for an attacker...
Critical | Unreviewed | CVE-2023-28347 was published May 31, 2023
XSS vulnerability from InstantPlay in Galaxy Store prior to version 4.5.49.8 allows attackers to...
Critical | Unreviewed | CVE-2023-21516 was published May 27, 2023
ProTip! Advisories are also available from the GraphQL API