Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,465
Erlang
33
GitHub Actions
22
Go
2,164
Maven
5,000+
npm
3,821
NuGet
696
pip
3,503
Pub
12
RubyGems
909
Rust
904
Swift
38
Unreviewed advisories
All unreviewed
5,000+

32,669 advisories

Loading
MODX allows cross-site scripting (XSS) via an SVG file Low
CVE-2025-28010 was published for modx/revolution (Composer) Mar 13, 2025
Jenkins allows Cross-Site Scripting (XSS) Low
CVE-2011-4344 was published for org.jenkins-ci.main:jenkins-core (Maven) May 17, 2022
Jenkins allows Cross-Site Scripting (XSS) Low
CVE-2015-1813 was published for org.jenkins-ci.main:jenkins-core (Maven) May 17, 2022
Jenkins Monitoring Plugin allows Cross-Site Scripting (XSS) Moderate
CVE-2014-3678 was published for org.jvnet.hudson.plugins:monitoring (Maven) May 17, 2022
Jenkins allows Cross-Site Scripting (XSS) in User Configuration Low
CVE-2013-5573 was published for org.jenkins-ci.main:jenkins-core (Maven) May 17, 2022
Jenkins Build Failure Analyzer Plugin allows Cross-Site Scripting (XSS) Low
CVE-2013-6374 was published for com.sonyericsson.jenkins.plugins.bfa:build-failure-analyzer (Maven) May 17, 2022
IBM Security QRadar EDR 3.12 is vulnerable to HTML injection. A remote attacker could inject... Moderate Unreviewed
CVE-2023-35006 was published Jul 10, 2024
D-Link DIR-845L router <=v1.01KRb03 is vulnerable to Cross Site Scripting (XSS) via /htdocs... Moderate Unreviewed
CVE-2024-33111 was published May 6, 2024
The FileOrganizer – Manage WordPress and Website Files plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-2324 was published May 2, 2024
Multiple cross-site scripting (XSS) vulnerabilities in the Home page of WonderCMS v3.4.3 allows... Moderate Unreviewed
CVE-2024-32341 was published Apr 17, 2024
Cross Site Scripting (XSS) vulnerability in Typora v.1.6.7 and before, allows a local attacker to... Moderate Unreviewed
CVE-2024-31783 was published Apr 16, 2024
An arbitrary file upload vulnerability in the Add Media function of SKINsoft S-Museum v7.02.3... Moderate Unreviewed
CVE-2024-25801 was published Feb 22, 2024
VMware Aria Operations for Logs contains a stored cross-site scripting vulnerability. A malicious... Moderate Unreviewed
CVE-2025-22219 was published Jan 30, 2025
VMware Cloud Director Availability contains an HTML injection vulnerability. A malicious actor... Moderate Unreviewed
CVE-2024-22277 was published Jul 4, 2024
Pleasanter 1.3.49.0 and earlier contains a cross-site scripting vulnerability. If an attacker... Moderate Unreviewed
CVE-2024-21584 was published Mar 12, 2024
Jenkins Extra Columns Plugin allows Cross-Site Scripting (XSS) Moderate
CVE-2016-3101 was published for org.jenkins-ci.plugins:extra-columns (Maven) May 13, 2022
Jenkins allows Cross-Site Scripting (XSS) Low
CVE-2012-6074 was published for org.jenkins-ci.main:jenkins-core (Maven) May 14, 2022
Jenkins allows Cross-Site Scripting (XSS) Low
CVE-2015-5326 was published for org.jenkins-ci.main:jenkins-core (Maven) May 13, 2022
Jenkins allows Cross-Site Scripting (XSS) Low
CVE-2012-0325 was published for org.jenkins-ci.main:jenkins-core (Maven) May 4, 2022
A vulnerability in the web management interface of HPE Aruba Networking Fabric Composer could... Moderate Unreviewed
CVE-2025-23057 was published Jan 28, 2025
Nagios XI before 5.11.3 2024R1 was discovered to improperly handle API keys generation (randomly... Critical Unreviewed
CVE-2023-48082 was published Oct 14, 2024
VMware Aria Operation for Logs contains a stored cross-site scripting vulnerability. A malicious... Moderate Unreviewed
CVE-2025-22221 was published Jan 30, 2025
A vulnerability in the web management interface of HPE Aruba Networking Fabric Composer could... Moderate Unreviewed
CVE-2025-23056 was published Jan 28, 2025
A vulnerability in the web management interface of HPE Aruba Networking Fabric Composer could... Moderate Unreviewed
CVE-2025-23055 was published Jan 28, 2025
A vulnerability was found in Asus RT-N12E 2.0.0.19. It has been classified as problematic.... Moderate Unreviewed
CVE-2025-1354 was published Feb 16, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database