GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,083
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,644
NuGet
638
pip
3,260
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
133 advisories
Filter by severity
Cross site scripting vulnerability in ActionView
Moderate
CVE-2020-5267
was published
for
actionview
(RubyGems)
Mar 19, 2020
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) in @nextcloud/dialogs
Moderate
CVE-2021-29438
was published
for
@nextcloud/dialogs
(npm)
Apr 16, 2021
Stored cross-site scripting in Grid component in Vaadin 7 and 8
Moderate
CVE-2019-25028
was published
for
com.vaadin:vaadin-bom
(Maven)
Apr 19, 2021
Cross-site scripting (XSS) from image block content in the site frontend
Moderate
CVE-2021-41258
was published
for
getkirby/cms
(Composer)
Nov 16, 2021
Improper sanitize of SVG files during content upload ('Cross-site Scripting') in sylius/sylius
Moderate
CVE-2022-24749
was published
for
Sylius/Sylius
(Composer)
Mar 14, 2022
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as problematic, has been...
Moderate
Unreviewed
CVE-2008-10001
was published
Mar 29, 2022
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in ISS BlackICE PC Protection. It has...
Moderate
Unreviewed
CVE-2003-5003
was published
Mar 29, 2022
Apache Tomcat allows webmasters to insert xss into error messages
Moderate
CVE-2001-0829
was published
for
org.apache.tomcat:tomcat
(Maven)
Apr 30, 2022
Jetty Javascript Inclusion Vulnerability
Moderate
CVE-2002-1533
was published
for
org.mortbay.jetty:jetty
(Maven)
Apr 30, 2022
Apache Struts Cross-site scripting Vulnerability
Moderate
CVE-2005-3745
was published
for
org.apache.struts:struts-core
(Maven)
May 1, 2022
Apache Tomcat XSS Vulnerability
Moderate
CVE-2006-7195
was published
for
org.apache.tomcat:tomcat
(Maven)
May 1, 2022
Apache Tomcat SendMailServlet XSS
Moderate
CVE-2007-3383
was published
for
org.apache.tomcat:tomcat
(Maven)
May 1, 2022
Apache Tomcat's CookieExample Vulnerable to XSS
Moderate
CVE-2007-3384
was published
for
org.apache.tomcat:tomcat
(Maven)
May 1, 2022
A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V15.1...
Moderate
Unreviewed
CVE-2019-6577
was published
May 24, 2022
A vulnerability has been identified in Spectrum Power 3 (Corporate User Interface) (All versions ...
Moderate
Unreviewed
CVE-2019-10933
was published
May 24, 2022
Zammad GmbH Zammad 2.3.0 and earlier is affected by: Cross Site Scripting (XSS) - CWE-80. The...
Moderate
Unreviewed
CVE-2019-1010018
was published
May 24, 2022
A vulnerability has been identified in SCALANCE S602 (All versions >= V3.0), SCALANCE S612 (All...
Moderate
Unreviewed
CVE-2019-6585
was published
May 24, 2022
An issue was discovered in Roundcube Webmail before 1.3.12 and 1.4.x before 1.4.5. There is XSS...
Moderate
Unreviewed
CVE-2020-13965
was published
May 24, 2022
A vulnerability has been identified in XHQ (All Versions < 6.1). The web interface could allow...
Moderate
Unreviewed
CVE-2019-19285
was published
May 24, 2022
A vulnerability in the web-based interface of Cisco Webex Meetings could allow an unauthenticated...
Moderate
Unreviewed
CVE-2021-1351
was published
May 24, 2022
A vulnerability in certain web pages of Cisco Webex Meetings could allow an unauthenticated,...
Moderate
Unreviewed
CVE-2021-1420
was published
May 24, 2022
A stored XSS vulnerability has been reported to affect QNAP NAS running QuLog Center. If...
Moderate
Unreviewed
CVE-2020-36196
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API