Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,963
Erlang
39
GitHub Actions
38
Go
2,615
Maven
5,000+
npm
4,255
NuGet
760
pip
4,036
Pub
12
RubyGems
953
Rust
1,049
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,584 advisories

Loading
Cross-site scripting (XSS) vulnerability in the MDC Private Message plugin 1.0.0 for WordPress... Low Unreviewed
CVE-2015-6805 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in includes/options-profiles.php in the YouTube Embed... Low Unreviewed
CVE-2015-6535 was published May 14, 2022
Cross-site scripting (XSS) vulnerability in Invision Power Services IPS Community Suite (aka... Low Unreviewed
CVE-2015-6810 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in WordPress before 4.2.3 allows remote authenticated... Low Unreviewed
CVE-2015-5622 was published May 17, 2022
Multiple cross-site scripting (XSS) vulnerabilities in Zoho ManageEngine SupportCenter Plus 7.90... Low Unreviewed
CVE-2015-5150 was published May 17, 2022
Multiple cross-site scripting (XSS) vulnerabilities in Test/WorkArea/workarea.aspx in Ektron... Low Unreviewed
CVE-2015-4427 was published May 14, 2022
Cross-site scripting (XSS) vulnerability in the basic dashboard in Thycotic Secret Server 8.6.x,... Low Unreviewed
CVE-2015-3443 was published May 14, 2022
Cross-site scripting (XSS) vulnerability in shared/shortcodes/inbound-shortcodes.php in the... Low Unreviewed
CVE-2015-4065 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in contact.php in Coppermine Photo Gallery before 1.5.36... Low Unreviewed
CVE-2015-3921 was published May 17, 2022
Multiple cross-site scripting (XSS) vulnerabilities in Y-Cam camera models SD range YCB003,... Low Unreviewed
CVE-2014-1902 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in the BE User Log (beko_beuserlog) extension 1.1.1 and... Low Unreviewed
CVE-2015-4608 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in includes/nsp_search.php in the NewStatPress plugin... Low Unreviewed
CVE-2015-4063 was published May 17, 2022
Multiple cross-site scripting (XSS) vulnerabilities in the administrative backend in MyBB (aka... Low Unreviewed
CVE-2015-2149 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in admin.php in the Shareaholic plugin before 7.6.1.0... Low Unreviewed
CVE-2014-9311 was published May 17, 2022
Multiple cross-site scripting (XSS) vulnerabilities in Fortinet FortiOS 5.0 Patch 7 build 4457... Low Unreviewed
CVE-2015-1451 was published May 17, 2022
Multiple cross-site scripting (XSS) vulnerabilities in admin/themes/default/pages/manage_users... Low Unreviewed
CVE-2014-7264 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in the search_controller in X3 CMS 0.5.1 and 0.5.1.1... Low Unreviewed
CVE-2014-8772 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in compfight-search.php in the Compfight plugin 1.4 for... Low Unreviewed
CVE-2014-8622 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in compfight-search.php in the Compfight plugin 1.4 for... Low Unreviewed
CVE-2014-5202 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in wp-includes/pluggable.php in WordPress before 3.9.2,... Low Unreviewed
CVE-2014-5240 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in templates/defaultheader.php in Lamp Design... Low Unreviewed
CVE-2014-3737 was published May 14, 2022
Multiple cross-site scripting (XSS) vulnerabilities in PivotX before 2.3.9 allow remote... Low Unreviewed
CVE-2014-0341 was published May 17, 2022
Multiple cross-site scripting (XSS) vulnerabilities in Domain Technologie Control (DTC) before 0... Low Unreviewed
CVE-2011-3199 was published May 17, 2022
Joomla! Cross-site Scripting vulnerability Low
CVE-2013-5583 was published for joomla/joomla-cms (Composer) May 17, 2022
Static Info Tables (static_info_tables) extension TYPO3 vulnerable to Cross-site Scripting Low
CVE-2013-5323 was published for sjbr/static-info-tables (Composer) May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database