GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
177 advisories
Filter by severity
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in WP...
Moderate
Unreviewed
CVE-2023-45635
was published
Jun 4, 2024
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in...
Moderate
Unreviewed
CVE-2023-45053
was published
Jun 4, 2024
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in...
Moderate
Unreviewed
CVE-2023-40557
was published
Jun 4, 2024
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in WP...
Moderate
Unreviewed
CVE-2023-39161
was published
Jun 4, 2024
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in...
Moderate
Unreviewed
CVE-2023-23735
was published
Jun 4, 2024
teler-waf subject to Bypass of Common Web Attack Threat Rule with HTML Entities Payload
Moderate
CVE-2023-26046
was published
for
github.com/kitabisa/teler-waf
(Go)
Mar 1, 2023
phpxmlrpc/extra XSS in class documenting_xmlrpc_server
Moderate
GHSA-ww6p-q26w-fr6m
was published
for
phpxmlrpc/extras
(Composer)
May 20, 2024
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS vulnerability in...
Low
Unreviewed
CVE-2024-4214
was published
May 17, 2024
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in...
Moderate
Unreviewed
CVE-2024-32790
was published
May 17, 2024
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in...
Moderate
Unreviewed
CVE-2024-23522
was published
May 17, 2024
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in...
Moderate
Unreviewed
CVE-2024-24874
was published
May 17, 2024
Blind XSS Leading to Froxlor Application Compromise
Critical
CVE-2024-34070
was published
for
froxlor/froxlor
(Composer)
May 10, 2024
static-web-server vulnerable to stored Cross-site Scripting in directory listings via file names
Moderate
CVE-2024-32966
was published
for
static-web-server
(Rust)
May 1, 2024
There is an HTML injection vulnerability in Esri Portal for ArcGIS versions 11.1 and below that...
Moderate
Unreviewed
CVE-2024-25690
was published
Apr 4, 2024
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS vulnerability in...
Moderate
Unreviewed
CVE-2023-48763
was published
Apr 24, 2024
Dolibarr Application Home Page has HTML injection vulnerability
High
CVE-2024-23817
was published
for
dolibarr/dolibarr
(Composer)
Apr 18, 2024
Reflective Cross-Site-Scripting in Webconf in Tribe29 Checkmk Appliance before 1.6.4.
Moderate
Unreviewed
CVE-2023-22309
was published
Apr 20, 2023
The WP HTML Mail plugin for WordPress is vulnerable to HTML injection in versions up to, and...
Moderate
Unreviewed
CVE-2019-25144
was published
Jun 7, 2023
Stored XSS in graph rendering in Checkmk <2.3.0b4.
Moderate
Unreviewed
CVE-2024-2380
was published
Apr 5, 2024
A stored cross-site scripting (XSS) vulnerability exists in the upload_brand.cgi functionality of...
Moderate
Unreviewed
CVE-2023-34354
was published
Oct 11, 2023
An improper neutralization of script-related html tags in a web page (basic xss) in Fortinet...
Moderate
Unreviewed
CVE-2023-36555
was published
Oct 10, 2023
An HTML injection flaw was found in Controller in the user interface settings. This flaw allows...
Moderate
Unreviewed
CVE-2023-3971
was published
Oct 4, 2023
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in...
Moderate
Unreviewed
CVE-2023-4663
was published
Sep 15, 2023
The Ninja Forms WordPress Ninja Forms Contact Form WordPress plugin before 3.6.26 was affected by...
Moderate
Unreviewed
CVE-2023-4109
was published
Aug 30, 2023
Reflected XSS in business intelligence in Checkmk <2.2.0p8, <2.1.0p32, <2.0.0p38, <=1.6.0p30.
Moderate
Unreviewed
CVE-2023-23548
was published
Aug 1, 2023
ProTip!
Advisories are also available from the
GraphQL API