Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,266
Erlang
31
GitHub Actions
21
Go
2,035
Maven
5,000+
npm
3,732
NuGet
662
pip
3,413
Pub
12
RubyGems
891
Rust
865
Swift
36
Unreviewed advisories
All unreviewed
5,000+

513 advisories

Loading
Cross-site Scripting in OpenCRX Moderate
CVE-2023-40815 was published for org.opencrx:opencrx-core-models (Maven) Nov 18, 2023
Cross-site Scripting in OpenCRX Moderate
CVE-2023-40814 was published for org.opencrx:opencrx-core-models (Maven) Nov 18, 2023
Cross-site Scripting in OpenCRX Moderate
CVE-2023-40816 was published for org.opencrx:opencrx-core-models (Maven) Nov 18, 2023
Cross-site Scripting in OpenCRX Moderate
CVE-2023-40817 was published for org.opencrx:opencrx-core-models (Maven) Nov 18, 2023
Cross-site Scripting in OpenCRX Moderate
CVE-2023-40809 was published for org.opencrx:opencrx-core-models (Maven) Nov 18, 2023
Cross-site Scripting in OpenCRX Moderate
CVE-2023-40810 was published for org.opencrx:opencrx-core-models (Maven) Nov 18, 2023
Cross-site Scripting in OpenCRX Moderate
CVE-2023-40812 was published for org.opencrx:opencrx-core-models (Maven) Nov 18, 2023
OpenNMS Cross-site Scripting vulnerability Moderate
CVE-2023-40314 was published for org.opennms:opennms-webapp (Maven) Nov 17, 2023
xxl-job-admin vulnerable to Cross Site Scripting Moderate
CVE-2023-48088 was published for com.xuxueli:xxl-job-admin (Maven) Nov 15, 2023
Yamcs Cross-site Scripting vulnerability Moderate
CVE-2023-45280 was published for org.yamcs:yamcs (Maven) Oct 20, 2023
Yamcs Cross-site Scripting vulnerability Moderate
CVE-2023-45279 was published for org.yamcs:yamcs (Maven) Oct 20, 2023
mXSS in AntiSamy Moderate
CVE-2023-43643 was published for org.owasp.antisamy:antisamy (Maven) Oct 9, 2023
spassarop leeN
davewichers
HTML injection vulnerability in Jenkins AWS CodeCommit Trigger Plugin Moderate
CVE-2023-41944 was published for org.jenkins-ci.plugins:aws-codecommit-trigger (Maven) Sep 6, 2023
XSS vulnerability in Jenkins Job Configuration History Plugin Moderate
CVE-2023-41931 was published for org.jenkins-ci.plugins:jobConfigHistory (Maven) Sep 6, 2023
Stored XSS vulnerability in Jenkins TAP Plugin Moderate
CVE-2023-41940 was published for org.tap4j:tap (Maven) Sep 6, 2023
Jenkins Fortify Plugin HTML injection vulnerability Moderate
CVE-2023-4303 was published for org.jenkins-ci.plugins:fortify (Maven) Aug 22, 2023
XWiki Platform Stored Cross-site Scripting in the user profile via the timezone displayer Moderate
CVE-2023-40176 was published for org.xwiki.platform:xwiki-platform-web-templates (Maven) Aug 21, 2023
OpenNMS vulnerable to Cross-site Scripting Moderate
CVE-2023-40312 was published for org.opennms:opennms-webapp (Maven) Aug 14, 2023
OpenNMS vulnerable to Cross-site Scripting Moderate
CVE-2023-40311 was published for org.opennms:opennms-webapp (Maven) Aug 14, 2023
Cross-site Scripting in healthcheck webconsole plugin Moderate
CVE-2023-38435 was published for org.apache.felix:org.apache.felix.healthcheck.webconsoleplugin (Maven) Jul 25, 2023
Alkacon OpenCMS arbitrary file upload vulnerability Moderate
CVE-2023-37602 was published for org.opencms:opencms-core (Maven) Jul 20, 2023
Duplicate Advisory: jQuery Cross Site Scripting vulnerability Moderate
CVE-2020-23064 was published for jQuery (RubyGems) Jun 26, 2023 withdrawn
eoftedal
Broadleaf vulnerable to Cross-site Scripting Moderate
CVE-2023-33725 was published for org.broadleafcommerce:broadleaf (Maven) Jun 21, 2023
Alluxio Cross Site Scripting vulnerability Moderate
CVE-2020-21485 was published for org.alluxio:alluxio-parent (Maven) Jun 20, 2023
Stored XSS vulnerability in Jenkins Maven Repository Server Plugin Moderate
CVE-2023-35143 was published for jenkins:repository (Maven) Jun 14, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database