Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,170
Erlang
30
GitHub Actions
19
Go
1,981
Maven
5,000+
npm
3,700
NuGet
656
pip
3,319
Pub
11
RubyGems
882
Rust
834
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

25,570 advisories

Loading
A cross-site scripting (XSS) vulnerability in Student Study Center Management System V 1.0 allows... Moderate Unreviewed
CVE-2022-47102 was published Jan 13, 2023
An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 before 15... Moderate Unreviewed
CVE-2022-3573 was published Jan 12, 2023
An issue was discovered in Open Ticket Request System (OTRS) 7.x through 7.0.6 and Community... Moderate Unreviewed
CVE-2019-10067 was published May 24, 2022
A cross-site scripting (XSS) vulnerability in the component /admin/register.php of Online Student... Moderate Unreviewed
CVE-2022-46503 was published Jan 12, 2023
An issue was discovered in Nim before 1.6.2. The RST module of the Nim language stdlib, as used... Moderate Unreviewed
CVE-2021-46872 was published Jan 13, 2023
A vulnerability classified as problematic was found in jianlinwei cool-php-captcha up to 0.2.... Moderate Unreviewed
CVE-2009-10001 was published Jan 13, 2023
The MonsterInsights WordPress plugin before 8.9.1 does not sanitize or escape page titles in the... Moderate Unreviewed
CVE-2022-3904 was published Jan 16, 2023
A vulnerability was found in saemorris TheRadSystem. It has been classified as problematic.... Moderate Unreviewed
CVE-2023-0327 was published Jan 16, 2023
The WP Attachments WordPress plugin through 5.0.5 does not sanitise and escape some of its... Moderate Unreviewed
CVE-2022-4330 was published Jan 16, 2023
A cross-site scripting (XSS) vulnerability in the LISTSERV 17 web interface allows remote... Moderate Unreviewed
CVE-2022-39195 was published Jan 17, 2023
The Custom Post Types and Custom Fields creator WordPress plugin before 2.3.3 does not sanitize... Moderate Unreviewed
CVE-2022-4442 was published Jan 16, 2023
Themify Portfolio Post WordPress plugin before 1.2.1 does not validate and escapes some of its... Moderate Unreviewed
CVE-2022-4464 was published Jan 16, 2023
The Easy Accordion WordPress plugin before 2.2.0 does not validate and escape some of its... Moderate Unreviewed
CVE-2022-4487 was published Jan 16, 2023
A XSS vulnerability was found in phoromatic_r_add_test_details.php in phoronix-test-suite. Moderate Unreviewed
CVE-2022-40704 was published Jan 17, 2023
The Sidebar Widgets by CodeLights WordPress plugin through 1.4 does not validate and escape some... Moderate Unreviewed
CVE-2022-4460 was published Jan 16, 2023
CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.793 (Free/Open Source Version), 0.9.8.753 ... Moderate Unreviewed
CVE-2019-11429 was published May 24, 2022
The WOOCS WordPress plugin before 1.3.9.4 does not validate and escape some of its shortcode... Moderate Unreviewed
CVE-2022-4431 was published Jan 16, 2023
The Social Sharing WordPress plugin before 3.3.45 does not validate and escape some of its... Moderate Unreviewed
CVE-2022-4451 was published Jan 16, 2023
The 3D FlipBook WordPress plugin through 1.13.2 does not validate or escape some of its shortcode... Moderate Unreviewed
CVE-2022-4453 was published Jan 16, 2023
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.846, Reflected XSS in filemanager2.php ... Moderate Unreviewed
CVE-2019-13387 was published May 24, 2022
XSS was discovered in CentOS-WebPanel.com (aka CWP) CentOS Web Panel through 0.9.8.747 via the... Moderate Unreviewed
CVE-2019-12190 was published May 24, 2022
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.837, XSS in the domain parameter allows a... Moderate Unreviewed
CVE-2019-13476 was published May 24, 2022
The Font Awesome WordPress plugin before 4.3.2 does not validate and escapes some of its... Moderate Unreviewed
CVE-2022-4478 was published Jan 16, 2023
The WP Video Lightbox WordPress plugin before 1.9.7 does not validate and escape some of its... Moderate Unreviewed
CVE-2022-4465 was published Jan 16, 2023
The Simple Membership WordPress plugin before 4.2.2 does not validate and escape some of its... Moderate Unreviewed
CVE-2022-4469 was published Jan 16, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database