GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,968
Erlang: 29
GitHub Actions: 16
Go: 1,752
Maven: 4,982
npm: 3,516
NuGet: 609
pip: 3,090
Pub: 10
RubyGems: 832
Rust: 782
Swift: 34

Unreviewed advisories
All unreviewed: 5,000+
26,394 advisories
Authenticated Reflected Cross-Site Scripting (XSS) vulnerability in WordPress uListing plugin ...
Moderate, Unreviewed. CVE-2021-36875 was published May 24, 2022.

The MX Time Zone Clocks WordPress plugin before 3.4.1 does not escape the time_zone attribute of...
Moderate, Unreviewed. CVE-2021-24671 was published May 24, 2022.

Authenticated Stored Cross-Site Scripting (XSS) vulnerability in YITH Maintenance Mode (WordPress...
Moderate, Unreviewed. CVE-2021-36841 was published May 24, 2022.

Adobe Experience Manager version 6.5.9.0 (and earlier) is affected by a reflected Cross-Site...
Moderate, Unreviewed. CVE-2021-40714 was published May 24, 2022.

btcpayserver is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross...
Moderate, Unreviewed. CVE-2021-3830 was published May 24, 2022.

Shopkit v2.7 contains a reflective cross-site scripting (XSS) vulnerability in the /account...
Moderate, Unreviewed. CVE-2020-20508 was published May 24, 2022.

An issue was discovered in Concrete CMS through 8.5.5. Stored XSS can occur in Conversations when...
Moderate, Unreviewed. CVE-2021-40100 was published May 24, 2022.

OpenSIS Community Edition version 8.0 is affected by a cross-site scripting (XSS) vulnerability...
Moderate, Unreviewed. CVE-2021-40310 was published May 24, 2022.

OpenNMS version 18.0.1 and prior are vulnerable to a stored XSS issue due to insufficient...
Moderate, Unreviewed. CVE-2016-6555 was published May 24, 2022.

OpenNMS version 18.0.1 and prior are vulnerable to a stored XSS issue due to insufficient...
Moderate, Unreviewed. CVE-2016-6556 was published May 24, 2022.

The vCenter Server contains a reflected cross-site scripting vulnerability due to a lack of input...
Moderate, Unreviewed. CVE-2021-22016 was published May 24, 2022.

Vulnerability in the generation of session IDs in revive-adserver < 5.3.0, based on the...
High, Unreviewed. CVE-2021-22948 was published May 24, 2022.

Authenticated Persistent Cross-Site Scripting (XSS) vulnerability in WordPress Popular Posts...
Moderate, Unreviewed. CVE-2021-36872 was published May 24, 2022.

OpenVPN Access Server 2.9.0 through 2.9.4 allow remote attackers to inject arbitrary web script...
Moderate, Unreviewed. CVE-2021-3824 was published May 24, 2022.

Authenticated Persistent Cross-Site Scripting (XSS) vulnerability in WordPress iQ Block Country...
Moderate, Unreviewed. CVE-2021-36873 was published May 24, 2022.

IBM Tivoli Netcool/OMNIbus_GUI and IBM Jazz for Service Management 1.1.3.10 is vulnerable to...
Moderate, Unreviewed. CVE-2021-29800 was published May 24, 2022.

IBM Sterling File Gateway 2.2.0.0 through 6.1.0.3 is vulnerable to cross-site scripting. This...
Moderate, Unreviewed. CVE-2021-20484 was published May 24, 2022.

Authenticated Stored Cross-Site Scripting (XSS) vulnerability in WordPress Absolutely Glamorous...
High, Unreviewed. CVE-2021-36823 was published May 24, 2022.

IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to...
Moderate, Unreviewed. CVE-2021-29810 was published May 24, 2022.

IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to...
Moderate, Unreviewed. CVE-2021-29812 was published May 24, 2022.

IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to...
Moderate, Unreviewed. CVE-2021-29815 was published May 24, 2022.

IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to...
Moderate, Unreviewed. CVE-2021-29813 was published May 24, 2022.

IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to...
Moderate, Unreviewed. CVE-2021-29905 was published May 24, 2022.

IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to...
Moderate, Unreviewed. CVE-2021-29832 was published May 24, 2022.

IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to...
Moderate, Unreviewed. CVE-2021-29833 was published May 24, 2022.

ProTip! Advisories are also available from the GraphQL API.