GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,878
Composer 4,266
Erlang 31
GitHub Actions 21
Go 2,035
Maven 5,219
npm 3,732
NuGet 662
pip 3,413
Pub 12
RubyGems 891
Rust 865
Swift 36

Unreviewed advisories

All unreviewed 237,817

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

30,088 advisories

Filter by severity

Sort by

Least recently updated

Unauth. Reflected Cross-Site Scripting vulnerability in Daniel Powney Multi Rating plugin <= 5.0... Moderate Unreviewed

CVE-2022-47433 was published Mar 29, 2023

Auth. (editor+) Stored Cross-Site Scripting (XSS) vulnerability in WpDevArt Booking calendar,... Moderate Unreviewed

CVE-2022-47438 was published Mar 29, 2023

Apache Archiva vulnerable to privilege escalation via stored cross-site scripting (XSS) Moderate

CVE-2023-28158 was published for org.apache.archiva:archiva (Maven) Mar 29, 2023

The Mega Main Menu plugin for WordPress is vulnerable to Stored Cross-Site Scripting via some of... Moderate Unreviewed

CVE-2023-1575 was published Mar 29, 2023

Trudesk v1.2.6 was discovered to contain a stored cross-site scripting (XSS) vulnerability via... Moderate Unreviewed

CVE-2023-26982 was published Mar 29, 2023

A vulnerability classified as problematic was found in SourceCodester Earnings and Expense... Moderate Unreviewed

CVE-2023-1689 was published Mar 29, 2023

A vulnerability, which was classified as problematic, has been found in SourceCodester Earnings... Moderate Unreviewed

CVE-2023-1690 was published Mar 29, 2023

A vulnerability was found in SourceCodester Young Entrepreneur E-Negosyo System 1.0. It has been... Moderate Unreviewed

CVE-2023-1686 was published Mar 29, 2023

A vulnerability classified as problematic has been found in SourceCodester Simple Task Allocation... Moderate Unreviewed

CVE-2023-1687 was published Mar 29, 2023

A vulnerability classified as problematic has been found in SourceCodester Earnings and Expense... Moderate Unreviewed

CVE-2023-1688 was published Mar 29, 2023

Osprey Pump Controller version 1.01 inputs passed to a GET parameter are not properly sanitized... Moderate Unreviewed

CVE-2023-28648 was published Mar 28, 2023

A Cross-site scripting (XSS) vulnerability in the function encrypt_password() in login.tmpl.php... Moderate Unreviewed

CVE-2023-27008 was published Mar 28, 2023

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Themeisle Visualizer:... Moderate Unreviewed

CVE-2022-46848 was published Mar 28, 2023

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in biplob018 Image Hover Effects for... Moderate Unreviewed

CVE-2022-45831 was published Mar 28, 2023

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in iThemes WPComplete plugin <= 2.9.2... Moderate Unreviewed

CVE-2022-45825 was published Mar 28, 2023

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Fullworks Quick Event Manager... Moderate Unreviewed

CVE-2022-46863 was published Mar 28, 2023

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in WP Darko Responsive... Moderate Unreviewed

CVE-2022-46855 was published Mar 28, 2023

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Mehjabin Orthi Interactive SVG... Moderate Unreviewed

CVE-2023-25704 was published Mar 28, 2023

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Unlimited Elements Unlimited... Moderate Unreviewed

CVE-2022-47170 was published Mar 28, 2023

Fluid Components TYPO3 extension vulnerable to Cross-Site Scripting Moderate

CVE-2023-28604 was published for sitegeist/fluid-components (Composer) Mar 27, 2023

An unauthenticated remote attacker could force all authenticated users, such as administrative... Moderate Unreviewed

CVE-2023-22300 was published Mar 27, 2023

A malicious user could leverage this vulnerability to escalate privileges or perform unauthorized... Moderate Unreviewed

CVE-2023-28655 was published Mar 27, 2023

The WP Image Carousel WordPress plugin through 1.0.2 does not sanitise and escape some parameters... Moderate Unreviewed

CVE-2023-0589 was published Mar 27, 2023

The Smart Slider 3 WordPress plugin before 3.5.1.14 does not properly validate and escape some of... Moderate Unreviewed

CVE-2023-0660 was published Mar 27, 2023

The Cookie Notice & Compliance for GDPR / CCPA WordPress plugin before 2.4.7 does not validate... Moderate Unreviewed

CVE-2023-0823 was published Mar 27, 2023

Previous 1 2 … 396 397 398 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

30,088 advisories