GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,652
Composer 4,465
Erlang 33
GitHub Actions 22
Go 2,164
Maven 5,398
npm 3,821
NuGet 696
pip 3,503
Pub 12
RubyGems 909
Rust 904
Swift 38

Unreviewed advisories

All unreviewed 247,603

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

32,669 advisories

Filter by severity

Sort by

Least recently updated

The TM WooCommerce Compare & Wishlist plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2023-5230 was published Sep 28, 2023

OPNsense before 23.7.5 allows XSS via the index.php column_count parameter to the Lobby Dashboard. Moderate Unreviewed

CVE-2023-44275 was published Sep 28, 2023

OPNsense before 23.7.5 allows XSS via the index.php sequence parameter to the Lobby Dashboard. Moderate Unreviewed

CVE-2023-44276 was published Sep 28, 2023

The Font Awesome More Icons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed

CVE-2023-5232 was published Sep 28, 2023

quill-mention Cross-site Scripting vulnerability Moderate

CVE-2023-26149 was published for quill-mention (npm) Sep 28, 2023

Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to... Moderate Unreviewed

CVE-2023-41446 was published Sep 28, 2023

Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to... Moderate Unreviewed

CVE-2023-41447 was published Sep 28, 2023

Microweber Cross-site Scripting vulnerability Moderate

CVE-2023-5244 was published for microweber/microweber (Composer) Sep 28, 2023

JFinalCMS foreground message can be embedded malicious code saved in the database. When users... Moderate Unreviewed

CVE-2023-43191 was published Sep 28, 2023

Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to... Moderate Unreviewed

CVE-2023-41448 was published Sep 28, 2023

Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to... Moderate Unreviewed

CVE-2023-41451 was published Sep 28, 2023

Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to... Moderate Unreviewed

CVE-2023-41453 was published Sep 28, 2023

A stored cross-site scripting (XSS) vulnerability in the cms/content/edit component of YZNCMS v1... Moderate Unreviewed

CVE-2023-43233 was published Sep 28, 2023

Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to... Moderate Unreviewed

CVE-2023-41445 was published Sep 28, 2023

Real Time Automation 460 Series products with versions prior to v8.9.8 are vulnerable to cross... Moderate Unreviewed

CVE-2023-4523 was published Sep 27, 2023

Sourcecodester Expense Tracker App v1 is vulnerable to Cross Site Scripting (XSS) via add category. Moderate Unreviewed

CVE-2023-44048 was published Sep 27, 2023

A vulnerability in the web-based management interface of Cisco Catalyst SD-WAN Manager, formerly... Moderate Unreviewed

CVE-2023-20179 was published Sep 27, 2023

The Options for Twenty Seventeen plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2023-5162 was published Sep 27, 2023

Stored cross-site scripting (XSS) vulnerability in protection plan name. The following products... Moderate Unreviewed

CVE-2023-44207 was published Sep 27, 2023

The Simple Cloudflare Turnstile plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed

CVE-2023-5135 was published Sep 27, 2023

The Modal Window plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes... Moderate Unreviewed

CVE-2023-5161 was published Sep 27, 2023

The WP Event Manager – Events Calendar, Registrations, Sell Tickets with WooCommerce plugin for... Moderate Unreviewed

CVE-2023-4423 was published Sep 27, 2023

A cross-site scripting (XSS) vulnerability in the Add User function of Small CRM v3.0 allows... Moderate Unreviewed

CVE-2023-43331 was published Sep 27, 2023

Dreamer CMS v4.1.3 was discovered to contain a stored cross-site scripting (XSS) vulnerability... Moderate Unreviewed

CVE-2023-43857 was published Sep 27, 2023

A stored cross-site scripting (XSS) vulnerability in the Website column management function of... Moderate Unreviewed

CVE-2023-43232 was published Sep 27, 2023

Previous 1 2 … 396 397 398 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

32,669 advisories