Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

26,385 advisories

Loading
Under certain conditions, SAP Contact Center - version 700,does not sufficiently encode user... Moderate Unreviewed
CVE-2021-33673 was published May 24, 2022
Under certain conditions, SAP Contact Center - version 700, does not sufficiently encode user... Moderate Unreviewed
CVE-2021-33675 was published May 24, 2022
Under certain conditions, SAP Contact Center - version 700, does not sufficiently encode user... Moderate Unreviewed
CVE-2021-33674 was published May 24, 2022
The SAP BusinessObjects BI Platform version - 420 allows an attacker, who has basic access to the... Moderate Unreviewed
CVE-2021-33679 was published May 24, 2022
In CS-Cart version 4.11.1, it is possible to induce copy-paste XSS by manipulating the "post... Moderate Unreviewed
CVE-2021-32202 was published May 24, 2022
IBM Financial Transaction Manager 3.2.4 is vulnerable to cross-site scripting. This vulnerability... Moderate Unreviewed
CVE-2021-29841 was published May 24, 2022
On BIG-IP version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3, 14.1.x before 14.1.4.2, 13.1.x... Moderate Unreviewed
CVE-2021-23041 was published May 24, 2022
A cross-site scripting (XSS) vulnerability in the background administrator article management... Moderate Unreviewed
CVE-2020-21082 was published May 24, 2022
The WebFOCUS Reporting Server and WebFOCUS Client components of TIBCO Software Inc.'s TIBCO... Moderate Unreviewed
CVE-2021-35493 was published May 24, 2022
On version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3.1, 14.1.x before 14.1.4.2, 13.1.x before... Critical Unreviewed
CVE-2021-23038 was published May 24, 2022
On all versions of 16.1.x, 16.0.x, 15.1.x, 14.1.x, 13.1.x, 12.1.x, and 11.6.x, a reflected cross... Critical Unreviewed
CVE-2021-23037 was published May 24, 2022
Reflected Cross Site Scripting (XSS) vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4 Moderate Unreviewed
CVE-2021-22528 was published May 24, 2022
Gibbon v22.0.00 suffers from a stored XSS vulnerability within the wall messages component. Moderate Unreviewed
CVE-2021-40214 was published May 24, 2022
PRTG Network Monitor before 21.3.69.1333 allows stored XSS via an unsanitized string imported... Moderate Unreviewed
CVE-2021-29643 was published May 24, 2022
The create_post_page AJAX action of the Custom Post View Generator WordPress plugin through 0.4.6... Moderate Unreviewed
CVE-2021-24605 was published May 24, 2022
The Smash Balloon Social Post Feed WordPress plugin before 2.19.2 does not sanitise or escape the... Moderate Unreviewed
CVE-2021-24508 was published May 24, 2022
The Book appointment online WordPress plugin before 1.39 does not sanitise or escape Service... Moderate Unreviewed
CVE-2021-24614 was published May 24, 2022
The Daily Prayer Time WordPress plugin before 2021.08.10 does not sanitise or escape some of its... Moderate Unreviewed
CVE-2021-24523 was published May 24, 2022
The MF Gig Calendar WordPress plugin through 1.1 does not sanitise or escape the id GET parameter... Moderate Unreviewed
CVE-2021-24510 was published May 24, 2022
The Per page add to head WordPress plugin through 1.4.4 does not properly sanitise one of its... Moderate Unreviewed
CVE-2021-24619 was published May 24, 2022
The Software License Manager WordPress plugin before 4.4.8 does not sanitise or escape the... Moderate Unreviewed
CVE-2021-24560 was published May 24, 2022
The WordPress Advanced Ticket System, Elite Support Helpdesk WordPress plugin before 1.0.64 does... Moderate Unreviewed
CVE-2021-24623 was published May 24, 2022
The WP Courses LMS WordPress plugin before 2.0.44 does not sanitise its Video Embed Code,... Moderate Unreviewed
CVE-2021-24621 was published May 24, 2022
The Timetable and Event Schedule by MotoPress WordPress plugin before 2.3.19 does not sanitise... Moderate Unreviewed
CVE-2021-24724 was published May 24, 2022
A reflected cross-site scripting (XSS) vulnerability in Jeesns 1.4.2 allows attackers to execute... Moderate Unreviewed
CVE-2020-19282 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API