Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,476
Erlang
33
GitHub Actions
24
Go
2,203
Maven
5,000+
npm
3,854
NuGet
696
pip
3,639
Pub
12
RubyGems
912
Rust
913
Swift
38
Unreviewed advisories
All unreviewed
5,000+

33,039 advisories

Loading
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Print, PDF, Email by... Moderate Unreviewed
CVE-2023-25032 was published Oct 25, 2023
Reflected cross-site scripting in the StudentSearch component in IDAttend’s IDWeb application 3.1... Moderate Unreviewed
CVE-2023-1356 was published Oct 25, 2023
dtale vulnerable to Remote Code Execution through the Custom Filter Input Moderate
CVE-2023-46134 was published for dtale (pip) Oct 25, 2023
yadhukrishnam
Fides JavaScript Injection Vulnerability in Privacy Center URL Low
CVE-2023-46126 was published for ethyca-fides (pip) Oct 24, 2023
Concrete CMS Cross-site Scripting vulnerability Moderate
CVE-2023-44760 was published for concrete5/concrete5 (Composer) Oct 24, 2023
Cross Site Scripting (XSS) vulnerability in Geeklog-Core geeklog v.2.2.2 allows a remote attacker... Moderate Unreviewed
CVE-2023-46058 was published Oct 24, 2023
kodbox 1.44 is vulnerable to Cross Site Scripting (XSS). Customizing global HTML results in... Moderate Unreviewed
CVE-2023-45998 was published Oct 24, 2023
Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute... Moderate Unreviewed
CVE-2023-43358 was published Oct 24, 2023
Cross Site Scripting (XSS) vulnerability in Geeklog-Core geeklog v.2.2.2 allows a remote attacker... Moderate Unreviewed
CVE-2023-46059 was published Oct 24, 2023
A stored cross-site scripting (XSS) vulnerability in UVDesk Community Skeleton v1.1.1 allows... Unknown Unreviewed
CVE-2023-37636 was published Oct 23, 2023
A stored cross-site scripting (XSS) vulnerability in Enhancesoft osTicket v1.17.2 allows... Moderate Unreviewed
CVE-2023-27149 was published Oct 23, 2023
IBM Security Verify Governance 10.0 is vulnerable to cross-site scripting. This vulnerability... Moderate Unreviewed
CVE-2023-33840 was published Oct 23, 2023
A stored cross-site scripting (XSS) vulnerability in the Admin panel in Enhancesoft osTicket v1... Moderate Unreviewed
CVE-2023-27148 was published Oct 23, 2023
IBM Sterling Partner Engagement Manager 6.1.2, 6.2.0, and 6.2.2 is vulnerable to stored cross... Moderate Unreviewed
CVE-2023-38722 was published Oct 23, 2023
Dell Unity prior to 5.3 contains a Cross-site scripting vulnerability. A low-privileged... Moderate Unreviewed
CVE-2023-43065 was published Oct 23, 2023
A vulnerability has been found in vnotex vnote up to 3.17.0 and classified as problematic.... Moderate Unreviewed
CVE-2023-5701 was published Oct 23, 2023
A vulnerability was found in CodeAstro Internet Banking System 1.0. It has been declared as... Moderate Unreviewed
CVE-2023-5695 was published Oct 23, 2023
A vulnerability was found in CodeAstro Internet Banking System 1.0. It has been classified as... Moderate Unreviewed
CVE-2023-5694 was published Oct 23, 2023
A vulnerability was found in CodeAstro Internet Banking System 1.0. It has been rated as... Moderate Unreviewed
CVE-2023-5696 was published Oct 23, 2023
A vulnerability classified as problematic has been found in CodeAstro Internet Banking System 1.0... Moderate Unreviewed
CVE-2023-5697 was published Oct 23, 2023
A vulnerability, which was classified as problematic, has been found in CodeAstro Internet... Moderate Unreviewed
CVE-2023-5699 was published Oct 23, 2023
A vulnerability classified as problematic was found in CodeAstro Internet Banking System 1.0.... Moderate Unreviewed
CVE-2023-5698 was published Oct 23, 2023
The EventON plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'tab'... Moderate Unreviewed
CVE-2023-4635 was published Oct 21, 2023
Cross Site Scripting (XSS) vulnerability in WBCE CMS v.1.6.1 and before allows a remote attacker... Moderate Unreviewed
CVE-2023-46054 was published Oct 21, 2023
The Add Custom Body Class plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed
CVE-2023-5205 was published Oct 21, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database