Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
1,998
Maven
5,000+
npm
3,710
NuGet
661
pip
3,364
Pub
11
RubyGems
885
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+

29,438 advisories

Loading
Cross Site Scripting (XSS) vulnerability in Gurock TestRail before 7.1.2 allows remote... Moderate Unreviewed
CVE-2021-36538 was published Feb 3, 2023
Cross Site Scripting (XSS) vulnerability in tpcms 3.2 allows remote attackers to run arbitrary... Moderate Unreviewed
CVE-2021-36545 was published Feb 3, 2023
Universal Cross Site Scripting (UXSS) vulnerability in Vimium Extension 1.66 and earlier allows... Moderate Unreviewed
CVE-2021-37518 was published Feb 3, 2023
** UNSUPPORTED WHEN ASSIGNED ** Cross Site Scripting (XSS) vulnerability in Teradek Cube and Cube... Moderate Unreviewed
CVE-2021-37378 was published Feb 3, 2023
** UNSUPPORTED WHEN ASSIGNED ** Cross Site Scripting (XSS) vulnerability in Teradek Sphere all... Moderate Unreviewed
CVE-2021-37379 was published Feb 3, 2023
** UNSUPPORTED WHEN ASSIGNED ** Cross Site Scripting (XSS) vulnerability in Teradek Clip all... Moderate Unreviewed
CVE-2021-37374 was published Feb 3, 2023
** UNSUPPORTED WHEN ASSIGNED ** Cross Site Scripting (XSS) vulnerability in Teradek Slice 1st... Critical Unreviewed
CVE-2021-37373 was published Feb 3, 2023
** UNSUPPORTED WHEN ASSIGNED ** Cross Site Scripting (XSS) vulnerability in Teradek Brik firmware... Moderate Unreviewed
CVE-2021-37377 was published Feb 3, 2023
** UNSUPPORTED WHEN ASSIGNED ** Cross Site Scripting (XSS) vulnerability in Teradek Bond, Bond 2... Moderate Unreviewed
CVE-2021-37376 was published Feb 3, 2023
** UNSUPPORTED WHEN ASSIGNED ** Cross Site Scripting (XSS) vulnerability in Teradek VidiU / VidiU... Moderate Unreviewed
CVE-2021-37375 was published Feb 3, 2023
Cross site scripting in automad/automad Moderate
CVE-2021-37502 was published for automad/automad (Composer) Feb 3, 2023
marcantondahmen
In Jellyfin 10.8.x through 10.8.3, the name of a collection is vulnerable to stored XSS. This... Moderate Unreviewed
CVE-2023-23635 was published Feb 3, 2023
In Jellyfin 10.8.x through 10.8.3, the name of a playlist is vulnerable to stored XSS. This... Moderate Unreviewed
CVE-2023-23636 was published Feb 3, 2023
DedeCMS v5.7.97 was discovered to contain a cross-site scripting (XSS) vulnerability in the... Moderate Unreviewed
CVE-2022-48140 was published Feb 2, 2023
The Real Media Library: Media Library Folder & File Manager plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2023-0253 was published Feb 2, 2023
A vulnerability was found in YAFNET up to 3.1.11 and classified as problematic. This issue... Moderate Unreviewed
CVE-2023-0650 was published Feb 2, 2023
The All-in-One WP Migration WordPress plugin before 7.63 uses the wrong content type, and does... Moderate Unreviewed
CVE-2022-2546 was published Feb 2, 2023
A vulnerability was found in TRENDnet TEW-652BRP 3.04b01 and classified as problematic. This... Moderate Unreviewed
CVE-2023-0639 was published Feb 2, 2023
AVideo contains Command injection when embedding a video link Critical
CVE-2023-25313 was published for wwbn/avideo (Composer) Feb 2, 2023
gonzxph
Rapid7 Metasploit Pro versions 4.21.2 and lower suffer from a stored cross site scripting... Moderate Unreviewed
CVE-2023-0599 was published Feb 2, 2023
Cross site scripting (XSS) vulnerability in Zoho ManageEngine ServiceDesk Plus 14 via PO in the... Moderate Unreviewed
CVE-2023-23073 was published Feb 1, 2023
Cross site scripting (XSS) vulnerability in Zoho ManageEngine ServiceDesk Plus 14 via embedding... Moderate Unreviewed
CVE-2023-23074 was published Feb 1, 2023
Cross Site Scripting (XSS) vulnerability in Zoho Asset Explorer 6.9 via the credential name when... Moderate Unreviewed
CVE-2023-23075 was published Feb 1, 2023
Cross site scripting (XSS) vulnerability in Zoho ManageEngine ServiceDesk Plus 14 via the comment... Moderate Unreviewed
CVE-2023-23078 was published Feb 1, 2023
Cross site scripting (XSS) vulnerability in Zoho ManageEngine ServiceDesk Plus 13 via the comment... Moderate Unreviewed
CVE-2023-23077 was published Feb 1, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database