Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,746
Erlang
35
GitHub Actions
29
Go
2,319
Maven
5,000+
npm
3,955
NuGet
712
pip
3,736
Pub
12
RubyGems
920
Rust
972
Swift
38
Unreviewed advisories
All unreviewed
5,000+

1,530 advisories

Loading
Moodle vulnerable to Cross-site Scripting Low
CVE-2010-1619 was published for moodle/moodle (Composer) May 13, 2022
Moodle vulnerable to Cross-site Scripting Low
CVE-2010-1614 was published for moodle/moodle (Composer) May 13, 2022
SilverStripe vulnerable to Cross-site Scripting Low
CVE-2010-1593 was published for silverstripe/cms (Composer) May 14, 2022
The WP ULike WordPress plugin before 4.7.2.1 does not properly sanitize user display names when... Low Unreviewed
CVE-2024-6792 was published Sep 6, 2024
Cross-site scripting (XSS) vulnerability in the web administration interface in FortiGuard... Low Unreviewed
CVE-2014-1458 was published May 17, 2022
The default configuration of WordPress before 3.6.1 does not prevent uploads of .swf and .exe... Low Unreviewed
CVE-2013-5739 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in the BuddyPress Extended Friendship Request plugin... Low Unreviewed
CVE-2013-4944 was published May 17, 2022
Multiple cross-site scripting (XSS) vulnerabilities in wp-login.php in the Genetech Solutions Pie... Low Unreviewed
CVE-2013-4954 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in install/forum_data/src/custom_fields.inc.t in... Low Unreviewed
CVE-2013-5309 was published May 13, 2022
Cross-site scripting (XSS) vulnerability in widget_remove.php in the Feedweb plugin before 1.9... Low Unreviewed
CVE-2013-3720 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in the My Calendar plugin before 1.10.2 for WordPress... Low Unreviewed
CVE-2012-6527 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in wlcms-plugin.php in the White Label CMS plugin 1.5... Low Unreviewed
CVE-2012-5388 was published May 17, 2022
Multiple cross-site scripting (XSS) vulnerabilities in pay.php in the Pay With Tweet plugin... Low Unreviewed
CVE-2012-5349 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in edit_one_pic.php in Coppermine Photo Gallery before 1... Low Unreviewed
CVE-2012-1613 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in Open Ticket Request System (OTRS) Help Desk 2.4.x... Low Unreviewed
CVE-2012-4600 was published May 14, 2022
Cross-site scripting (XSS) vulnerability in program/steps/mail/func.inc in RoundCube Webmail... Low Unreviewed
CVE-2012-3507 was published May 17, 2022
Multiple cross-site scripting (XSS) vulnerabilities in the make_variant_list function in... Low Unreviewed
CVE-2012-2687 was published May 13, 2022
Cross-site scripting (XSS) vulnerability in admin/code/tce_edit_answer.php in TCExam before 11.3... Low Unreviewed
CVE-2012-4238 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in Roundcube Webmail before 0.7, when Internet Explorer... Low Unreviewed
CVE-2012-1253 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in starnet/index.php in SyndeoCMS 3.0.01 and earlier... Low Unreviewed
CVE-2012-1979 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in the Terminal PHP Shell (terminal) extension 0.3.2 and... Low Unreviewed
CVE-2012-1082 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in wp-comments-post.php in WordPress 3.3.x before 3.3.1,... Low Unreviewed
CVE-2012-0287 was published May 4, 2022
Cross-site scripting (XSS) vulnerability in manager/index.php in MODx Revolution 2.0.2-pl allows... Low Unreviewed
CVE-2010-4883 was published May 17, 2022
Multiple cross-site scripting (XSS) vulnerabilities in the table Print view implementation in... Low Unreviewed
CVE-2011-2642 was published May 17, 2022
Multiple cross-site scripting (XSS) vulnerabilities in WordPress before 3.0.5 allow remote... Low Unreviewed
CVE-2011-0700 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database