GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,951
Erlang
39
GitHub Actions
38
Go
2,607
Maven
5,000+
npm
4,251
NuGet
757
pip
4,017
Pub
12
RubyGems
953
Rust
1,049
Swift
45
Unreviewed advisories
All unreviewed
5,000+
1,582 advisories
Filter by severity
Basic SEO Features (seo_basics) extension TYPO3 vulnerable to Cross-site Scripting
Low
CVE-2012-5888
was published
for
b13/seo_basics
(Composer)
May 17, 2022
powermail extension for TYPO3 has Cross-site Scripting vulnerability
Low
CVE-2012-5889
was published
for
in2code/powermail
(Composer)
May 17, 2022
Moodle vulnerable to Cross-site Scripting
Low
CVE-2011-4282
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle vulnerable to Cross-Site Scripting
Low
CVE-2011-4299
was published
for
moodle/moodle
(Composer)
May 13, 2022
Symphony CMS vulnerable to Cross-site Scripting
Low
CVE-2011-4340
was published
for
symphonycms/symphony-2
(Composer)
May 17, 2022
phpMyAdmin Cross-site Scripting vulnerability
Low
CVE-2011-4782
was published
for
phpmyadmin/phpmyadmin
(Composer)
May 17, 2022
phpMyAdmin vulnerable to Cross-site Scripting
Low
CVE-2011-4634
was published
for
phpmyadmin/phpmyadmin
(Composer)
May 17, 2022
Joomla! vulnerable to Cross-site Scripting
Low
CVE-2011-4332
was published
for
joomla/joomla-cms
(Composer)
May 17, 2022
MantisBT Cross-site Scripting vulnerability
Low
CVE-2010-2574
was published
for
mantisbt/mantisbt
(Composer)
May 14, 2022
Commerce extension for TYPO3 vulnerable to Cross-site Scripting
Low
CVE-2009-4963
was published
for
commerceteam/commerce
(Composer)
May 2, 2022
Piwik (now Matomo) Vulnerable to Cross-Site Scripting (XSS)
Low
CVE-2013-1844
was published
for
matomo/matomo
(Composer)
May 13, 2022
phpMyAdmin Vulnerable to Cross-Site Scripting
Low
CVE-2011-1940
was published
for
phpmyadmin/phpmyadmin
(Composer)
May 17, 2022
Moodle vulnerable to Cross-site Scripting
Low
CVE-2010-1619
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle vulnerable to Cross-site Scripting
Low
CVE-2010-1614
was published
for
moodle/moodle
(Composer)
May 13, 2022
SilverStripe vulnerable to Cross-site Scripting
Low
CVE-2010-1593
was published
for
silverstripe/cms
(Composer)
May 14, 2022
The WP ULike WordPress plugin before 4.7.2.1 does not properly sanitize user display names when...
Low
Unreviewed
CVE-2024-6792
was published
Sep 6, 2024
Cross-site scripting (XSS) vulnerability in the web administration interface in FortiGuard...
Low
Unreviewed
CVE-2014-1458
was published
May 17, 2022
The default configuration of WordPress before 3.6.1 does not prevent uploads of .swf and .exe...
Low
Unreviewed
CVE-2013-5739
was published
May 17, 2022
Cross-site scripting (XSS) vulnerability in the BuddyPress Extended Friendship Request plugin...
Low
Unreviewed
CVE-2013-4944
was published
May 17, 2022
Multiple cross-site scripting (XSS) vulnerabilities in wp-login.php in the Genetech Solutions Pie...
Low
Unreviewed
CVE-2013-4954
was published
May 17, 2022
Cross-site scripting (XSS) vulnerability in install/forum_data/src/custom_fields.inc.t in...
Low
Unreviewed
CVE-2013-5309
was published
May 13, 2022
Cross-site scripting (XSS) vulnerability in widget_remove.php in the Feedweb plugin before 1.9...
Low
Unreviewed
CVE-2013-3720
was published
May 17, 2022
Cross-site scripting (XSS) vulnerability in the My Calendar plugin before 1.10.2 for WordPress...
Low
Unreviewed
CVE-2012-6527
was published
May 17, 2022
Cross-site scripting (XSS) vulnerability in wlcms-plugin.php in the White Label CMS plugin 1.5...
Low
Unreviewed
CVE-2012-5388
was published
May 17, 2022
Multiple cross-site scripting (XSS) vulnerabilities in pay.php in the Pay With Tweet plugin...
Low
Unreviewed
CVE-2012-5349
was published
May 17, 2022
ProTip!
Advisories are also available from the
GraphQL API