GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,170
Erlang
30
GitHub Actions
19
Go
1,981
Maven
5,000+
npm
3,700
NuGet
656
pip
3,319
Pub
11
RubyGems
882
Rust
834
Swift
35
Unreviewed advisories
All unreviewed
5,000+
68 advisories
Filter by severity
Stored Cross-Site Scripting vulnerability in admin component of DotNetNuke
Moderate
CVE-2019-12562
was published
for
DotNetNuke.Core
(NuGet)
Nov 18, 2019
Cross-site scripting (XSS) vulnerability in the user-profile biography section in DotNetNuke (DNN)
Moderate
CVE-2016-7119
was published
for
DotNetNuke.Core
(NuGet)
Oct 16, 2018
Moderate severity vulnerability that affects DotNetNuke.Core
Moderate
CVE-2015-1566
was published
for
DotNetNuke.Core
(NuGet)
Oct 16, 2018
Cross site scripting in SiteServer CMS
Moderate
CVE-2021-42656
was published
for
SSCMS
(NuGet)
May 25, 2022
Cross-site Scripting in ZKEACMS
Moderate
CVE-2022-29362
was published
for
ZKEACMS.Publisher
(NuGet)
May 26, 2022
Cross site scripting attack in ServiceStack Framework
Moderate
CVE-2019-1010199
was published
for
ServiceStack
(NuGet)
May 24, 2022
OrchardCore vulnerable to HTML injection
Moderate
CVE-2022-32173
was published
for
OrchardCore
(NuGet)
Oct 4, 2022
Cross-site scripting vulnerability in TinyMCE alerts
Moderate
CVE-2022-23494
was published
for
TinyMCE
(Composer)
Dec 8, 2022
Cross-site scripting in CLEditor
Moderate
CVE-2019-1010113
was published
for
CLEditor
(NuGet)
Jul 26, 2019
Cross-site Scripting in PiranhaCMS
Moderate
CVE-2021-25977
was published
for
Piranha
(NuGet)
Oct 27, 2021
orchardcore is vulnerable to Cross-site Scripting
Moderate
CVE-2022-0159
was published
for
OrchardCore
(NuGet)
Jan 21, 2022
Cross-site Scripting OrchardCore.Application.Cms.Targets
Moderate
CVE-2022-0274
was published
for
OrchardCore.Application.Cms.Targets
(NuGet)
Jan 21, 2022
Cross-Site Scripting in jquery
Moderate
CVE-2012-6708
was published
for
jQuery
(RubyGems)
Sep 1, 2020
GleamTech FileUltimate Cross-site Scripting
Moderate
CVE-2020-15015
was published
for
GleamTech.FileUltimate
(NuGet)
May 24, 2022
Umbraco CMS vulnerable to stored XSS
Moderate
CVE-2018-17256
was published
for
umbraco
(NuGet)
May 14, 2022
Umbraco CMS vulnerable to stored XSS
Moderate
CVE-2020-5809
was published
for
UmbracoCms.Core
(NuGet)
May 24, 2022
DotNetNuke (DNN) Cross-site scripting (XSS) vulnerability via the __dnnVariable parameter
Moderate
CVE-2013-4649
was published
for
DotNetNuke.Core
(NuGet)
May 17, 2022
DotNetNuke Vulnerable to XSS in Pass-Through Values
Moderate
CVE-2007-0660
was published
for
DotNetNuke.Core
(NuGet)
May 1, 2022
Cross-Site Scripting (XSS) in jquery
Moderate
CVE-2015-9251
was published
for
jQuery
(RubyGems)
Jan 22, 2018
jQuery-UI vulnerable to Cross-site Scripting in dialog closeText
Moderate
CVE-2016-7103
was published
for
jQuery.UI.Combined
(RubyGems)
Oct 24, 2017
XSS in `*Text` options of the Datepicker widget in jquery-ui
Moderate
CVE-2021-41183
was published
for
jQuery.UI.Combined
(RubyGems)
Oct 26, 2021
jQuery vulnerable to Cross-Site Scripting (XSS)
Moderate
CVE-2011-4969
was published
for
jQuery
(RubyGems)
May 14, 2022
XSS in the `altField` option of the Datepicker widget in jquery-ui
Moderate
CVE-2021-41182
was published
for
jQuery.UI.Combined
(RubyGems)
Oct 26, 2021
ProTip!
Advisories are also available from the
GraphQL API