GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 19,370
Composer 3,968
Erlang 29
GitHub Actions 16
Go 1,749
Maven 4,978
npm 3,509
NuGet 609
pip 3,084
Pub 10
RubyGems 832
Rust 782
Swift 34

Unreviewed advisories

All unreviewed 221,313

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

26,385 advisories

Filter by severity

Sort by

Least recently updated

IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to stored... Moderate Unreviewed

CVE-2021-29807 was published May 24, 2022

Cross Site Scripting (XSS vulnerability exists in WUZHI CMS 4.1.0 via the mailbox username in... Moderate Unreviewed

CVE-2020-19915 was published May 24, 2022

The eID Easy WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the error... Moderate Unreviewed

CVE-2021-34650 was published May 24, 2022

The OptinMonster WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to... Moderate Unreviewed

CVE-2021-39325 was published May 24, 2022

Cross-site scripting vulnerability in List (order management) item change plug-in (for EC-CUBE 3... Moderate Unreviewed

CVE-2021-20825 was published May 24, 2022

Cross-site scripting vulnerability in Order Status Batch Change Plug-in (for EC-CUBE 3.0 series)... Moderate Unreviewed

CVE-2021-20828 was published May 24, 2022

A stored cross-site scripting issue impacts certain areas of the Web UI for Code Insight v7.x... Moderate Unreviewed

CVE-2020-12082 was published May 24, 2022

In Ericsson ECM before 18.0, it was observed that Security Management Endpoint in User Profile... Moderate Unreviewed

CVE-2021-41391 was published May 24, 2022

A cross-site scripting (XSS) vulnerability in RGCMS v1.06 allows attackers to obtain the... Moderate Unreviewed

CVE-2020-21482 was published May 24, 2022

OpenSIS Community Edition version <= 7.6 is affected by a reflected XSS vulnerability in... Moderate Unreviewed

CVE-2021-27340 was published May 24, 2022

On version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3.1, and 14.1.x before 14.1.4.3, a DOM... Moderate Unreviewed

CVE-2021-23027 was published May 24, 2022

Microsoft Dynamics Business Central Cross-site Scripting Vulnerability Moderate Unreviewed

CVE-2021-40440 was published May 24, 2022

Cross Site Scripting (XSS) in Jfinal CMS v4.7.1 and earlier allows remote attackers to execute... Moderate Unreviewed

CVE-2020-19148 was published May 24, 2022

Cross Site Scripting (XSS) in Ari Adminer v1 allows remote attackers to execute arbitrary code... Moderate Unreviewed

CVE-2020-19156 was published May 24, 2022

Cross Site Scripting (XSS) in S-CMS build 20191014 and earlier allows remote attackers to execute... Moderate Unreviewed

CVE-2020-19158 was published May 24, 2022

Cross Site Scripting (CSS) in Wenku CMS v3.4 allows remote attackers to execute arbitrary code... Moderate Unreviewed

CVE-2020-19157 was published May 24, 2022

In Nagios XI before 5.8.6, XSS exists in the dashboard page (/dashboards/#) when administrative... Moderate Unreviewed

CVE-2021-38156 was published May 24, 2022

The TechRadar app 1.1 for Confluence Server allows XSS via the Title field of a Radar. Moderate Unreviewed

CVE-2021-37412 was published May 24, 2022

A Cross Site Scriptiong (XSS) vulnerability exists in the admin panel in Webuzo < 2.9.0 via an... Moderate Unreviewed

CVE-2021-40238 was published May 24, 2022

A Stored XSS exists in TinyFileManager All version up to and including 2.4.6 in /tinyfilemanager... Moderate Unreviewed

CVE-2021-40966 was published May 24, 2022

NWDI Notification Service versions - 7.31, 7.40, 7.50, does not sufficiently encode user... Moderate Unreviewed

CVE-2021-33691 was published May 24, 2022

Multiple cross-site scripting (XSS) vulnerabilities exist in SITA Software Azur CMS 1.2.3.1 and... Moderate Unreviewed

CVE-2021-28901 was published May 24, 2022

SAP Cloud Connector, version - 2.0, does not sufficiently encode user-controlled inputs, allowing... Moderate Unreviewed

CVE-2021-33694 was published May 24, 2022

SAP BusinessObjects Business Intelligence Platform (Crystal Report), versions - 420, 430, does... Moderate Unreviewed

CVE-2021-33696 was published May 24, 2022

SAP NetWeaver Enterprise Portal versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not... Moderate Unreviewed

CVE-2021-21489 was published May 24, 2022

Previous 1 2 … 396 397 398 399 400 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

26,385 advisories