GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,266
Erlang
31
GitHub Actions
21
Go
2,035
Maven
5,000+
npm
3,732
NuGet
662
pip
3,413
Pub
12
RubyGems
891
Rust
865
Swift
36
Unreviewed advisories
All unreviewed
5,000+
425 advisories
Filter by severity
Stored XSS ('Cross-site Scripting') in librenms/includes/html/pages/edituser.inc.php
High
CVE-2024-49759
was published
for
librenms/librenms
(Composer)
Nov 15, 2024
LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/includes/html/print-customoid.php
High
CVE-2024-51497
was published
for
librenms/librenms
(Composer)
Nov 15, 2024
LibreNMS has a stored XSS ('Cross-site Scripting') in librenms/includes/html/pages/api-access.inc.php
High
CVE-2024-49754
was published
for
librenms/librenms
(Composer)
Nov 15, 2024
LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/includes/html/pages/device/capture.inc.php
High
CVE-2024-49764
was published
for
librenms/librenms
(Composer)
Nov 15, 2024
LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/app/Http/Controllers/Table/EditPortsController.php
High
CVE-2024-51494
was published
for
librenms/librenms
(Composer)
Nov 15, 2024
LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/app/Http/Controllers/Table/EditPortsController.php
High
CVE-2024-50350
was published
for
librenms/librenms
(Composer)
Nov 15, 2024
LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/includes/html/dev-overview-data.inc.php
High
CVE-2024-51495
was published
for
librenms/librenms
(Composer)
Nov 15, 2024
LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/includes/html/pages/device/overview/services.inc.php
High
CVE-2024-50352
was published
for
librenms/librenms
(Composer)
Nov 15, 2024
LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/includes/html/pages/device/services.inc.php
High
CVE-2024-52526
was published
for
librenms/librenms
(Composer)
Nov 15, 2024
LibreNMS has a Reflected XSS ('Cross-site Scripting') in librenms/includes/html/pages/wireless.inc.php
High
CVE-2024-51496
was published
for
librenms/librenms
(Composer)
Nov 15, 2024
LibreNMS has a Reflected XSS ('Cross-site Scripting') in librenms/includes/functions.php
High
CVE-2024-50351
was published
for
librenms/librenms
(Composer)
Nov 15, 2024
Jenkins HTML Publisher Plugin does not properly sanitize input
High
CVE-2024-28149
was published
for
org.jenkins-ci.plugins:htmlpublisher
(Maven)
Mar 6, 2024
Jenkins Simple Queue Plugin has stored cross-site scripting (XSS) vulnerability
High
CVE-2024-54003
was published
for
io.jenkins.plugins:simple-queue
(Maven)
Nov 27, 2024
Jenkins HTML Publisher Plugin Stored XSS vulnerability
High
CVE-2024-28150
was published
for
org.jenkins-ci.plugins:htmlpublisher
(Maven)
Mar 6, 2024
XBlock vulnerable to Cross-Site Scripting (XSS)
High
CVE-2022-46147
was published
for
xblock-drag-and-drop-v2
(pip)
Dec 2, 2022
Cross-site Scripting potential in custom links, job buttons, and computed fields
High
CVE-2023-48705
was published
for
nautobot
(pip)
Nov 22, 2023
Cross-site Scripting Vulnerability on Avatar Upload
High
CVE-2023-47115
was published
for
label-studio
(pip)
Jan 24, 2024
HTML Cleaner allows crafted scripts in special contexts like svg or math to pass through
High
CVE-2024-52595
was published
for
lxml-html-clean
(pip)
Nov 19, 2024
Cross Site Scripting vulnerability in wsgidav when directory browsing is enabled
High
CVE-2022-41905
was published
for
wsgidav
(pip)
Nov 16, 2022
Wagtail vulnerable to stored Cross-site Scripting attack via ModelAdmin views
High
CVE-2023-28836
was published
for
wagtail
(pip)
Apr 3, 2023
Improper validation of URLs ('Cross-site Scripting') in Wagtail rich text fields
High
CVE-2021-29434
was published
for
wagtail
(pip)
Apr 20, 2021
Cross Site Scripting vulnerability in Snipe-IT
High
CVE-2024-51093
was published
for
snipe/snipe-it
(Composer)
Nov 12, 2024
ICEcoder vulnerable to Cross Site Scripting
High
CVE-2024-41374
was published
for
icecoder/icecoder
(Composer)
Jul 26, 2024
ICEcoder vulnerable to Cross Site Scripting
High
CVE-2024-41375
was published
for
icecoder/icecoder
(Composer)
Jul 26, 2024
ProTip!
Advisories are also available from the
GraphQL API