GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,752
Maven
4,982
npm
3,516
NuGet
609
pip
3,090
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+
123 advisories
Filter by severity
syncthing vulnerable to Cross-site Scripting (XSS) in Web GUI
Moderate
CVE-2022-46165
was published
for
github.com/syncthing/syncthing
(Go)
Jun 6, 2023
Rancher UI has multiple Cross-Site Scripting (XSS) issues
High
CVE-2022-43760
was published
for
rancher/rancher
(Go)
Jun 6, 2023
Gitpod vulnerable to Cross-site Scripting
Moderate
CVE-2023-32766
was published
for
github.com/gitpod-io/gitpod
(Go)
Jun 5, 2023
Algernon engine and themes vulnerable to Cross-site Scripting
Moderate
CVE-2023-26131
was published
for
github.com/xyproto/algernon
(Go)
May 31, 2023
Phachon mm-wiki vulnerable to stored cross-site scripting (XSS)
Moderate
CVE-2020-19277
was published
for
github.com/phachon/mm-wiki
(Go)
Apr 4, 2023
Mattermost vulnerable to cross-site scripting (XSS)
Moderate
CVE-2023-1776
was published
for
github.com/mattermost/mattermost-server
(Go)
Mar 31, 2023
Grafana Stored Cross-site Scripting in Graphite FunctionDescription tooltip
Moderate
CVE-2023-1410
was published
for
github.com/grafana/grafana
(Go)
Mar 23, 2023
Duplicate Advisory: Grafana Stored Cross-site Scripting vulnerability
Moderate
GHSA-3cgw-hfw7-wc7j
was published
for
github.com/grafana/grafana
(Go)
Mar 23, 2023
•
withdrawn
Gophish vulnerable to Cross-site Scripting via crafted landing page
Moderate
CVE-2022-45004
was published
for
github.com/gophish/gophish
(Go)
Mar 22, 2023
Answer vulnerable to Stored Cross-site Scripting
Moderate
CVE-2023-1535
was published
for
github.com/answerdev/answer
(Go)
Mar 21, 2023
Answer vulnerable to Stored Cross-site Scripting
Moderate
CVE-2023-1536
was published
for
github.com/answerdev/answer
(Go)
Mar 21, 2023
imgproxy Cross-site Scripting vulnerability
Moderate
CVE-2023-1496
was published
for
github.com/imgproxy/imgproxy/v3
(Go)
Mar 19, 2023
Answer vulnerable to Cross-site Scripting
Moderate
CVE-2023-1240
was published
for
github.com/answerdev/answer
(Go)
Mar 7, 2023
Answer vulnerable to Cross-site Scripting
Moderate
CVE-2023-1241
was published
for
github.com/answerdev/answer
(Go)
Mar 7, 2023
Answer vulnerable to Cross-site Scripting
Moderate
CVE-2023-1242
was published
for
github.com/answerdev/answer
(Go)
Mar 7, 2023
Answer vulnerable to Cross-site Scripting
Moderate
CVE-2023-1243
was published
for
github.com/answerdev/answer
(Go)
Mar 7, 2023
Answer vulnerable to Cross-site Scripting
Moderate
CVE-2023-1237
was published
for
github.com/answerdev/answer
(Go)
Mar 7, 2023
Answer vulnerable to Cross-site Scripting
Moderate
CVE-2023-1239
was published
for
github.com/answerdev/answer
(Go)
Mar 7, 2023
Answer vulnerable to Cross-site Scripting
Moderate
CVE-2023-1238
was published
for
github.com/answerdev/answer
(Go)
Mar 7, 2023
Answer vulnerable to Cross-site Scripting
Moderate
CVE-2023-1245
was published
for
github.com/answerdev/answer
(Go)
Mar 7, 2023
Answer vulnerable to Cross-site Scripting
Moderate
CVE-2023-1244
was published
for
github.com/answerdev/answer
(Go)
Mar 7, 2023
Grafana vulnerable to Stored Cross-site Scripting in Text plugin
Moderate
CVE-2023-22462
was published
for
github.com/grafana/grafana
(Go)
Mar 1, 2023
teler-waf contains detection rule bypass via Entities payload
Moderate
CVE-2023-26047
was published
for
github.com/kitabisa/teler-waf
(Go)
Mar 1, 2023
teler-waf subject to Bypass of Common Web Attack Threat Rule with HTML Entities Payload
Moderate
CVE-2023-26046
was published
for
github.com/kitabisa/teler-waf
(Go)
Mar 1, 2023
Grafana vulnerable to Cross-site Scripting
Moderate
CVE-2023-0507
was published
for
github.com/grafana/grafana
(Go)
Mar 1, 2023
ProTip!
Advisories are also available from the
GraphQL API