Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,466
Erlang
33
GitHub Actions
23
Go
2,166
Maven
5,000+
npm
3,829
NuGet
696
pip
3,507
Pub
12
RubyGems
909
Rust
904
Swift
38
Unreviewed advisories
All unreviewed
5,000+

32,694 advisories

Loading
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Ulf Benjaminsson WP-dTree plugin <=... Moderate Unreviewed
CVE-2023-41662 was published Sep 29, 2023
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Pensopay WooCommerce PensoPay... Moderate Unreviewed
CVE-2023-41691 was published Sep 29, 2023
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Stockdio Stock Quotes... Moderate Unreviewed
CVE-2023-41666 was published Sep 29, 2023
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Irina Sokolovskaya Goods... Moderate Unreviewed
CVE-2023-41687 was published Sep 29, 2023
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Giovambattista Fazioli WP Bannerize... Moderate Unreviewed
CVE-2023-41663 was published Sep 29, 2023
A Stored Cross Site Scripting (XSS) vulnerability was found in SourceCodester Task Management... Moderate Unreviewed
CVE-2023-43944 was published Sep 29, 2023
Unauth. Stored Cross-Site Scripting (XSS) vulnerability in UserFeedback Team User Feedback plugin... Moderate Unreviewed
CVE-2023-39308 was published Sep 29, 2023
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Andreas Heigl authLdap plugin <... Moderate Unreviewed
CVE-2023-41655 was published Sep 29, 2023
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in I Thirteen Web Solution Photo... Moderate Unreviewed
CVE-2023-41658 was published Sep 29, 2023
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Groundhogg Inc. HollerBox... Moderate Unreviewed
CVE-2023-41657 was published Sep 29, 2023
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in PressPage Entertainment Inc.... Moderate Unreviewed
CVE-2023-41661 was published Sep 29, 2023
All versions of the package ithewei/libhv are vulnerable to HTTP Response Splitting when... Moderate Unreviewed
CVE-2023-26147 was published Sep 29, 2023
All versions of the package ithewei/libhv are vulnerable to Cross-site Scripting (XSS) such that... Moderate Unreviewed
CVE-2023-26146 was published Sep 29, 2023
Online Movie Ticket Booking System v1.0 is vulnerable to an authenticated Stored Cross-Site... Moderate Unreviewed
CVE-2023-44174 was published Sep 29, 2023
Online Movie Ticket Booking System v1.0 is vulnerable to an authenticated Reflected Cross-Site... Moderate Unreviewed
CVE-2023-44173 was published Sep 28, 2023
Subrion CMS Cross-site Scripting vulnerability Moderate
CVE-2023-43884 was published for intelliants/subrion (Composer) Sep 28, 2023
Multiple Cross Site Scripting (XSS) vulnerability in e017 CMS v.2.3.2 allows a local attacker to... Moderate Unreviewed
CVE-2023-43874 was published Sep 28, 2023
Withdrawn Advisory: October Cross-site Scripting vulnerability Moderate
CVE-2023-43876 was published for october/cms (Composer) Sep 28, 2023 withdrawn
daftspunk
A File upload vulnerability in WBCE v.1.6.1 allows a local attacker to upload a pdf file with... Moderate Unreviewed
CVE-2023-43871 was published Sep 28, 2023
Rite CMS 3.0 has a Cross-Site scripting (XSS) vulnerability that allows attackers to execute... Moderate Unreviewed
CVE-2023-43879 was published Sep 28, 2023
A Cross Site Scripting (XSS) vulnerability in e017 CMS v.2.3.2 allows a local attacker to execute... Moderate Unreviewed
CVE-2023-43873 was published Sep 28, 2023
There is a file upload XSS vulnerability in Generex CS141 below 2.06 version. The web application... Moderate Unreviewed
CVE-2022-47187 was published Sep 28, 2023
Rite CMS 3.0 has Multiple Cross-Site scripting (XSS) vulnerabilities that allow attackers to... Moderate Unreviewed
CVE-2023-43878 was published Sep 28, 2023
A File upload vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to upload a pdf... Moderate Unreviewed
CVE-2023-43872 was published Sep 28, 2023
quill-mention Cross-site Scripting vulnerability Moderate
CVE-2023-26149 was published for quill-mention (npm) Sep 28, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database