GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,963
Erlang: 39
GitHub Actions: 38
Go: 2,614
Maven: 5,000+
npm: 4,254
NuGet: 760
pip: 4,031
Pub: 12
RubyGems: 953
Rust: 1,049
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
2,515 advisories
hoppscotch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor
High | Unreviewed | CVE-2022-0121 was published Jan 7, 2022
                    
                  
                    
Microsoft Dynamics 365 Customer Engagement Cross-Site Scripting Vulnerability.
High | Unreviewed | CVE-2022-21932 was published Jan 12, 2022
                    
                  
                    
On BIG-IP DNS & GTM version 16.x before 16.1.0, 15.1.x before 15.1.4, 14.1.x before 14.1.4.4, and...
High | Unreviewed | CVE-2022-23013 was published Jan 26, 2022
                    
                  
                    
On NGINX Controller API Management versions 3.18.0-3.19.0, an authenticated attacker with access...
High | Unreviewed | CVE-2022-23008 was published Jan 26, 2022
                    
                  
                    
textpattern 4.8.7 is vulnerable to Cross Site Scripting (XSS) via /textpattern/index.php,Body. A...
High | Unreviewed | CVE-2021-44082 was published Mar 31, 2022
                    
                  
                    
Stored XSS in the "Username" & "Email" input fields leads to account takeover of Admin & Co-admin...
High | Unreviewed | CVE-2022-1347 was published Apr 14, 2022
                    
                  
                    
A remote attacker with write access to PI ProcessBook files could inject code that is imported...
High | Unreviewed | CVE-2020-25163 was published Apr 19, 2022
                    
                  
                    
Multiple cross-site scripting (XSS) vulnerabilities in cPanel 9.1.0-R85 allow remote attackers to...
High | Unreviewed | CVE-2004-1875 was published Apr 29, 2022
                    
                  
                    
Cross-domain vulnerability in Apple Safari for Windows 3.0.1 allows remote attackers to bypass...
High | Unreviewed | CVE-2007-3482 was published May 1, 2022
                    
                  
                    
Cross-zone scripting vulnerability in the Internet Explorer web control in Skype 3.6.0.244, and...
High | Unreviewed | CVE-2008-0454 was published May 1, 2022
                    
                  
                    
The RESTful Web Services (restws) module 7.x-1.x before 7.x-1.4 and 7.x-2.x before 7.x-2.1 for...
High | Unreviewed | CVE-2013-4225 was published May 5, 2022
                    
                  
                    
Multiple XSS vulnerabilities in Webadmin allow for privilege escalation from admin to super-admin...
High | Unreviewed | CVE-2021-25267 was published May 6, 2022
                    
                  
                    
Multiple XSS vulnerabilities in Webadmin allow for privilege escalation from MySophos admin to...
High | Unreviewed | CVE-2021-25268 was published May 6, 2022
                    
                  
                    
On 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to...
High | Unreviewed | CVE-2022-28716 was published May 6, 2022
                    
                  
                    
PSI GridConnect GmbH Telecontrol Gateway and Smart Telecontrol Unit family, IEC104 Security Proxy...
High | Unreviewed | CVE-2019-6528 was published May 13, 2022
                    
                  
                    
Cross-site scripting in usertable.php in TerraMaster TOS version 3.1.03 allows attackers to...
High | Unreviewed | CVE-2018-13359 was published May 13, 2022
                    
                  
                    
An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly...
High | Unreviewed | CVE-2019-0668 was published May 13, 2022
                    
                  
                    
Command injection in Nagios XI before 5.5.11 allows an authenticated users to execute arbitrary...
High | Unreviewed | CVE-2019-9164 was published May 13, 2022
                    
                  
                    
Invision Power Services (IPS) Community Suite 4.1.19.2 and earlier has a composite of Stored XSS...
High | Unreviewed | CVE-2017-8899 was published May 13, 2022
                    
                  
                    
The extension subsystem in Google Chrome before 17.0.963.78 does not properly handle history...
High | Unreviewed | CVE-2011-3046 was published May 13, 2022
                    
                  
                    
Multiple vulnerabilities in Cisco Data Center Network Manager (DCNM) Software could allow a...
High | Unreviewed | CVE-2017-12343 was published May 13, 2022
                    
                  
                    
A persistent site scripting vulnerability in Juniper Networks Junos Space allows users who can...
High | Unreviewed | CVE-2017-10612 was published May 13, 2022
                    
                  
                    
Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite ...
High | Unreviewed | CVE-2017-3557 was published May 13, 2022
                    
                  
                    
Microsoft SharePoint Server allows an elevation of privilege vulnerability due to the way that it...
High | Unreviewed | CVE-2017-8569 was published May 13, 2022
                    
                  
                    
In WordPress before 4.7.5, there is improper handling of post meta data values in the XML-RPC API.
High | Unreviewed | CVE-2017-9062 was published May 13, 2022
                    
                  
        
ProTip! Advisories are also available from the GraphQL API.