GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
4,225 advisories
Filter by severity
Zenario's Tree Explorer tool from Organizer affected by Cross-site Scripting
Moderate
CVE-2024-34460
was published
for
tribalsystems/zenario
(Composer)
May 4, 2024
CSRF leading to delete account in wallabag/wallabag
Moderate
CVE-2023-0737
was published
for
wallabag/wallabag
(Composer)
Nov 15, 2024
Improper Authorization in dolibarr/dolibarr
Moderate
CVE-2021-3991
was published
for
dolibarr/dolibarr
(Composer)
Nov 15, 2024
LibreNMS has a Reflected XSS ('Cross-site Scripting') in librenms/includes/html/pages/wireless.inc.php
High
CVE-2024-51496
was published
for
librenms/librenms
(Composer)
Nov 15, 2024
LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/includes/html/print-customoid.php
High
CVE-2024-51497
was published
for
librenms/librenms
(Composer)
Nov 15, 2024
LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/includes/html/dev-overview-data.inc.php
High
CVE-2024-51495
was published
for
librenms/librenms
(Composer)
Nov 15, 2024
LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/app/Http/Controllers/Table/EditPortsController.php
High
CVE-2024-51494
was published
for
librenms/librenms
(Composer)
Nov 15, 2024
LibreNMS has a Persistent XSS from Insecure Input Sanitization Affects Multiple Endpoints
High
CVE-2024-50355
was published
for
librenms/librenms
(Composer)
Nov 15, 2024
LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/includes/html/pages/device/overview/services.inc.php
High
CVE-2024-50352
was published
for
librenms/librenms
(Composer)
Nov 15, 2024
LibreNMS has a Reflected XSS ('Cross-site Scripting') in librenms/includes/functions.php
High
CVE-2024-50351
was published
for
librenms/librenms
(Composer)
Nov 15, 2024
LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/app/Http/Controllers/Table/EditPortsController.php
High
CVE-2024-50350
was published
for
librenms/librenms
(Composer)
Nov 15, 2024
LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/includes/html/pages/device/capture.inc.php
High
CVE-2024-49764
was published
for
librenms/librenms
(Composer)
Nov 15, 2024
Stored XSS ('Cross-site Scripting') in librenms/includes/html/pages/edituser.inc.php
High
CVE-2024-49759
was published
for
librenms/librenms
(Composer)
Nov 15, 2024
LibreNMS has a stored XSS in ExamplePlugin with Device's Notes
Moderate
CVE-2024-49758
was published
for
librenms/librenms
(Composer)
Nov 15, 2024
LibreNMS has a stored XSS ('Cross-site Scripting') in librenms/includes/html/pages/api-access.inc.php
High
CVE-2024-49754
was published
for
librenms/librenms
(Composer)
Nov 15, 2024
Improper Restriction of XML External Entity Reference in dompdf/dompdf
Critical
CVE-2021-3902
was published
for
dompdf/dompdf
(Composer)
Nov 15, 2024
LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/includes/html/pages/device/services.inc.php
High
CVE-2024-52526
was published
for
librenms/librenms
(Composer)
Nov 15, 2024
Cross site scripting in sylius/sylius
Moderate
CVE-2021-3841
was published
for
sylius/sylius
(Composer)
Nov 15, 2024
Deserialization of Untrusted Data in dompdf/dompdf
Critical
CVE-2021-3838
was published
for
dompdf/dompdf
(Composer)
Nov 15, 2024
Cross-site Scripting (XSS) in Conditions tab of Pricing Rules
Moderate
CVE-2023-2332
was published
for
pimcore/pimcore
(Composer)
Apr 27, 2023
LibreNMS has an Authenticated OS Command Injection
Critical
CVE-2024-51092
was published
for
librenms/librenms
(Composer)
Nov 15, 2024
Laravel environment manipulation via query string
High
CVE-2024-52301
was published
for
laravel/framework
(Composer)
Nov 12, 2024
Moodle Cross-site Scripting (XSS)
Moderate
CVE-2024-34000
was published
for
moodle/moodle
(Composer)
May 31, 2024
Symfony has an Authentication Bypass via RememberMe
High
CVE-2024-51996
was published
for
symfony/security-http
(Composer)
Nov 13, 2024
Kimai has an XXE Leading to Local File Read
High
GHSA-534c-hcr7-67jg
was published
for
kimai/kimai
(Composer)
Sep 17, 2024
ProTip!
Advisories are also available from the
GraphQL API