Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,344
Erlang
31
GitHub Actions
22
Go
2,111
Maven
5,000+
npm
3,767
NuGet
680
pip
3,453
Pub
12
RubyGems
892
Rust
888
Swift
37
Unreviewed advisories
All unreviewed
5,000+

212 advisories

Loading
The SAP Application Interface (Message Dashboard) - versions AIF 703, AIFX 702, S4CORE 100, 101,... Moderate Unreviewed
CVE-2023-29110 was published Apr 11, 2023
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in... Moderate Unreviewed
CVE-2023-1013 was published Mar 30, 2023
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in... Moderate Unreviewed
CVE-2021-44197 was published Mar 7, 2023
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in... Moderate Unreviewed
CVE-2021-44196 was published Mar 7, 2023
teler-waf subject to Bypass of Common Web Attack Threat Rule with HTML Entities Payload Moderate
CVE-2023-26046 was published for github.com/kitabisa/teler-waf (Go) Mar 1, 2023
aidilarf
HTML Injection in Keycloak Admin REST API Moderate
CVE-2022-1274 was published for org.keycloak:keycloak-services (Maven) Mar 1, 2023
A stored cross-site scripting vulnerability exists in the HdConfigActions.aspx altertextlanguages... Moderate Unreviewed
CVE-2022-28703 was published Dec 15, 2022
XBlock vulnerable to Cross-Site Scripting (XSS) High
CVE-2022-46147 was published for xblock-drag-and-drop-v2 (pip) Dec 2, 2022
Stored Cross-Site Scripting (XSS) in Keycloak via groups dropdown Moderate
GHSA-755v-r4x4-qf7m was published for org.keycloak:keycloak-core (Maven) Nov 29, 2022
jxn0
A vulnerability, which was classified as problematic, was found in Webmin. Affected is an unknown... Moderate Unreviewed
CVE-2022-3844 was published Nov 3, 2022
Twisted vulnerable to NameVirtualHost Host header injection Moderate
CVE-2022-39348 was published for twisted (pip) Oct 26, 2022
westonsteimel
XWiki Platform vulnerable to Cross-site Scripting in the deleted attachments list High
CVE-2022-36096 was published for org.xwiki.platform:xwiki-platform-index-ui (Maven) Sep 16, 2022
XWiki Platform Attachment UI vulnerable to cross-site scripting in the move attachment form High
CVE-2022-36097 was published for org.xwiki.platform:xwiki-platform-attachment-ui (Maven) Sep 16, 2022
XWiki Platform Web Parent POM vulnerable to XSS in the attachment history High
CVE-2022-36094 was published for org.xwiki.platform:xwiki-platform-web (Maven) Sep 16, 2022
HTML Injection in ActiveMQ Artemis Web Console Moderate
CVE-2022-35278 was published for org.apache.activemq:artemis-server (Maven) Aug 24, 2022
A vulnerability has been identified in SCALANCE M-800 / S615 (All versions), SCALANCE SC-600... Moderate Unreviewed
CVE-2022-36325 was published Aug 11, 2022
A vulnerability was found in Itech Movie Portal Script 7.36. It has been rated as problematic.... Moderate Unreviewed
CVE-2017-20140 was published Jul 23, 2022
A vulnerability was found in TrueConf Server 4.3.7. It has been rated as problematic. Affected by... Moderate Unreviewed
CVE-2017-20118 was published Jun 30, 2022
A vulnerability was found in TrueConf Server 4.3.7. It has been declared as problematic. Affected... Moderate Unreviewed
CVE-2017-20117 was published Jun 30, 2022
A vulnerability was found in TrueConf Server 4.3.7. It has been classified as problematic.... Moderate Unreviewed
CVE-2017-20116 was published Jun 30, 2022
A vulnerability has been found in TrueConf Server 4.3.7 and classified as problematic. This... Moderate Unreviewed
CVE-2017-20114 was published Jun 30, 2022
A vulnerability was found in TrueConf Server 4.3.7 and classified as problematic. This issue... Moderate Unreviewed
CVE-2017-20115 was published Jun 30, 2022
A vulnerability, which was classified as problematic, was found in TrueConf Server 4.3.7. This... Moderate Unreviewed
CVE-2017-20113 was published Jun 30, 2022
A vulnerability, which was classified as problematic, has been found in Thomson TCW710 ST5D.10.05... Moderate Unreviewed
CVE-2018-25034 was published Jun 13, 2022
Cross Site Scripting vulnerability in django-jsonform's admin form. High
GHSA-x9jp-4w8m-4f3c was published for django-jsonform (pip) Jun 10, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database