Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,466
Erlang
33
GitHub Actions
23
Go
2,166
Maven
5,000+
npm
3,829
NuGet
696
pip
3,507
Pub
12
RubyGems
909
Rust
904
Swift
38
Unreviewed advisories
All unreviewed
5,000+

32,694 advisories

Loading
OPNsense before 23.7.5 allows XSS via the index.php column_count parameter to the Lobby Dashboard. Moderate Unreviewed
CVE-2023-44275 was published Sep 28, 2023
The Font Awesome Integration plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed
CVE-2023-5233 was published Sep 28, 2023
The Font Awesome More Icons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed
CVE-2023-5232 was published Sep 28, 2023
OPNsense before 23.7.5 allows XSS via the index.php sequence parameter to the Lobby Dashboard. Moderate Unreviewed
CVE-2023-44276 was published Sep 28, 2023
The TM WooCommerce Compare & Wishlist plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2023-5230 was published Sep 28, 2023
Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to... Moderate Unreviewed
CVE-2023-41447 was published Sep 28, 2023
Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to... Moderate Unreviewed
CVE-2023-41446 was published Sep 28, 2023
Microweber Cross-site Scripting vulnerability Moderate
CVE-2023-5244 was published for microweber/microweber (Composer) Sep 28, 2023
JFinalCMS foreground message can be embedded malicious code saved in the database. When users... Moderate Unreviewed
CVE-2023-43191 was published Sep 28, 2023
A stored cross-site scripting (XSS) vulnerability in the cms/content/edit component of YZNCMS v1... Moderate Unreviewed
CVE-2023-43233 was published Sep 28, 2023
Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to... Moderate Unreviewed
CVE-2023-41448 was published Sep 28, 2023
Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to... Moderate Unreviewed
CVE-2023-41451 was published Sep 28, 2023
Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to... Moderate Unreviewed
CVE-2023-41453 was published Sep 28, 2023
Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to... Moderate Unreviewed
CVE-2023-41445 was published Sep 28, 2023
Sourcecodester Expense Tracker App v1 is vulnerable to Cross Site Scripting (XSS) via add category. Moderate Unreviewed
CVE-2023-44048 was published Sep 27, 2023
Real Time Automation 460 Series products with versions prior to v8.9.8 are vulnerable to cross... Moderate Unreviewed
CVE-2023-4523 was published Sep 27, 2023
A vulnerability in the web-based management interface of Cisco Catalyst SD-WAN Manager, formerly... Moderate Unreviewed
CVE-2023-20179 was published Sep 27, 2023
The Options for Twenty Seventeen plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2023-5162 was published Sep 27, 2023
The WP Event Manager – Events Calendar, Registrations, Sell Tickets with WooCommerce plugin for... Moderate Unreviewed
CVE-2023-4423 was published Sep 27, 2023
Stored cross-site scripting (XSS) vulnerability in protection plan name. The following products... Moderate Unreviewed
CVE-2023-44207 was published Sep 27, 2023
The Modal Window plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes... Moderate Unreviewed
CVE-2023-5161 was published Sep 27, 2023
The Simple Cloudflare Turnstile plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed
CVE-2023-5135 was published Sep 27, 2023
Subrion CMS Cross-site Scripting vulnerability in /panel/languages Moderate
CVE-2023-43828 was published for intelliants/subrion (Composer) Sep 27, 2023
Subrion CMS XSS in /panel/configuration/financial/ Moderate
CVE-2023-43830 was published for intelliants/subrion (Composer) Sep 27, 2023
A Cross-site scripting (XSS) vulnerability in Froala Editor v.4.1.1 allows attackers to execute... Moderate Unreviewed
CVE-2023-43263 was published Sep 27, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database