GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,170
Erlang
30
GitHub Actions
19
Go
1,981
Maven
5,000+
npm
3,700
NuGet
656
pip
3,319
Pub
11
RubyGems
882
Rust
834
Swift
35
Unreviewed advisories
All unreviewed
5,000+
151 advisories
Filter by severity
Lithium vulnerable to Cross Site Scripting in provided Swagger-UI
High
GHSA-f36p-42jv-8rh2
was published
for
com.wire.bots:lithium
(Maven)
Sep 30, 2022
Gravitee API Management contains Path Traversal
High
CVE-2022-38723
was published
for
io.gravitee.apim:gravitee-api-management
(Maven)
Jan 4, 2023
Stored Cross-site Scripting vulnerability in Jenkins Promoted Builds Plugin
High
CVE-2022-29045
was published
for
org.jenkins-ci.plugins:promoted-builds
(Maven)
Apr 13, 2022
Cross-site Scripting in Filter Stream Converter Application in XWiki Platform
High
CVE-2022-29258
was published
for
org.xwiki.platform:xwiki-platform-filter-ui
(Maven)
Jun 1, 2022
XWiki Platform Attachment UI vulnerable to cross-site scripting in the move attachment form
High
CVE-2022-36097
was published
for
org.xwiki.platform:xwiki-platform-attachment-ui
(Maven)
Sep 16, 2022
XWiki Platform Web Parent POM vulnerable to XSS in the attachment history
High
CVE-2022-36094
was published
for
org.xwiki.platform:xwiki-platform-web
(Maven)
Sep 16, 2022
Cross-site Scripting in wiki manager join wiki page
High
CVE-2022-29252
was published
for
org.xwiki.platform:xwiki-platform-wiki-ui-mainwiki
(Maven)
May 25, 2022
XWiki Platform vulnerable to Cross-site Scripting in the deleted attachments list
High
CVE-2022-36096
was published
for
org.xwiki.platform:xwiki-platform-index-ui
(Maven)
Sep 16, 2022
Cross-site Scripting in the Flamingo theme manager
High
CVE-2022-29251
was published
for
org.xwiki.platform:xwiki-platform-flamingo-theme-ui
(Maven)
May 25, 2022
JSPUI Possible Cross Site Scripting in "Request a Copy" Feature
High
CVE-2022-31192
was published
for
org.dspace:dspace-jspui
(Maven)
Aug 6, 2022
Stored Cross-site Scripting vulnerability in Jenkins Gerrit Trigger Plugin
High
CVE-2022-29039
was published
for
com.sonyericsson.hudson.plugins.gerrit:gerrit-trigger
(Maven)
Apr 13, 2022
Cross-site Scripting in Jenkins Rundeck Plugin
High
CVE-2022-30956
was published
for
org.jenkins-ci.plugins:rundeck
(Maven)
May 18, 2022
Cross site scripting in Jenkins Selection tasks Plugin
High
CVE-2022-30967
was published
for
org.jvnet.hudson.plugins:selection-tasks-plugin
(Maven)
May 18, 2022
Cross-site Scripting in Jenkins Global Variable String Parameter Plugin
High
CVE-2022-30962
was published
for
org.jenkins-ci.plugins:global-variable-string-parameter
(Maven)
May 18, 2022
Cross-site Scripting in Jenkins Application Detector Plugin
High
CVE-2022-30960
was published
for
org.jenkins-ci.plugins:app-detector
(Maven)
May 18, 2022
Cross-site Scripting in Jenkins Autocomplete Parameter Plugin
High
CVE-2022-30970
was published
for
org.jenkins-ci.plugins:autocomplete-parameter
(Maven)
May 18, 2022
Cross-site Scripting in Jenkins vboxwrapper Plugin
High
CVE-2022-30968
was published
for
org.jenkins-ci.plugins:vboxwrapper
(Maven)
May 18, 2022
Cross-site Scripting in Jenkins JDK Parameter Plugin
High
CVE-2022-30963
was published
for
org.jenkins-ci.plugins:JDK_Parameter_Plugin
(Maven)
May 18, 2022
Cross-site Scripting in Jenkins Autocomplete Parameter Plugin
High
CVE-2022-30961
was published
for
org.jenkins-ci.plugins:autocomplete-parameter
(Maven)
May 18, 2022
Cross-site Scripting in Jenkins Multiselect parameter Plugin
High
CVE-2022-30964
was published
for
io.jenkins.plugins:multiselect-parameter
(Maven)
May 18, 2022
Stored Cross-site Scripting vulnerabilities in Jenkins promoted Builds (Simple) plugin providing additional parameter types
High
CVE-2022-30965
was published
for
org.jenkins-ci.plugins:promoted-builds-simple
(Maven)
May 18, 2022
Stored XSS vulnerability in Jenkins Maven Metadata Plugin for Jenkins CI server plugin
High
CVE-2022-36905
was published
for
eu.markov.jenkins.plugin.mvnmeta:maven-metadata-plugin
(Maven)
Jul 28, 2022
Cross-site Scripting in Jenkins Spring Config Plugin
High
CVE-2022-46687
was published
for
io.jenkins.plugins:spring-config
(Maven)
Dec 12, 2022
Cross-site Scripting in Jenkins Rich Text Publisher Plugin
High
CVE-2022-34786
was published
for
org.jenkins-ci.plugins:rich-text-publisher-plugin
(Maven)
Jul 1, 2022
Cross-site Scripting in Jenkins Validating Email Parameter Plugin
High
CVE-2022-34791
was published
for
io.jenkins.plugins:validating-email-parameter
(Maven)
Jul 1, 2022
ProTip!
Advisories are also available from the
GraphQL API