Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,285
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,741
NuGet
668
pip
3,422
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+

516 advisories

Loading
GeoServer's Style Publisher vulnerable to Stored Cross-Site Scripting (XSS) Moderate
CVE-2024-23640 was published for org.geoserver:gs-main (Maven) Mar 20, 2024
sikeoka
Stored Cross-Site Scripting (XSS) vulnerability in GeoServer's REST Resources API Moderate
CVE-2023-51445 was published for org.geoserver:gs-restconfig (Maven) Mar 20, 2024
thomsmith VertigoM
Jenkins iceScrum Plugin vulnerable to stored Cross-site Scripting Moderate
CVE-2024-28160 was published for org.jenkins-ci.plugins:icescrum (Maven) Mar 6, 2024
Apache Archiva Reflected Cross-site Scripting vulnerability Moderate
CVE-2024-27140 was published for org.apache.archiva:archiva-common (Maven) Mar 1, 2024
oscerd
Apache Ambari: Various Cross site scripting problems Moderate
CVE-2023-50378 was published for org.apache.ambari:ambari (Maven) Mar 1, 2024
oscerd
Liferay Portal Calendar module and Liferay DXP vulnerable to Cross-site Scripting, content spoofing Moderate
CVE-2024-25151 was published for com.liferay.portal:release.dxp.bom (Maven) Feb 21, 2024
Cross-site Scripting Vulnerability in Statement Browser Moderate
CVE-2024-26140 was published for com.yetanalytics:lrs (Maven) Feb 21, 2024
cliffcaseyyet milt
Malicious input can provoke XSS when preserving comments Moderate
CVE-2024-23635 was published for org.owasp.antisamy:antisamy (Maven) Feb 2, 2024
spassarop leeN
rbri davewichers
Cross-site Scripting in JFinal Moderate
CVE-2024-22497 was published for com.jfinal:jfinal (Maven) Jan 23, 2024
Cross-site Scripting in beetl-bbs Moderate
CVE-2024-22490 was published for com.ibeetl:beetl (Maven) Jan 23, 2024
Cross-site Scripting in JFinal Moderate
CVE-2024-22496 was published for com.jfinal:jfinal (Maven) Jan 23, 2024
JavaScript execution via malicious molfiles (XSS) Moderate
CVE-2024-0758 was published for de.ipb-halle:molecularfaces (Maven) Jan 19, 2024
Stored Cross Site Scripting in beetl-bbs Moderate
CVE-2024-22491 was published for com.ibeetl:beetl (Maven) Jan 16, 2024
Cross-site Scripting in JFinal Moderate
CVE-2024-22492 was published for com.jfinal:jfinal (Maven) Jan 12, 2024
Cross-site Scripting in JFinal Moderate
CVE-2024-22493 was published for com.jfinal:jfinal (Maven) Jan 12, 2024
Qualys Jenkins Plugin for Policy Compliance Cross-site Scripting vulnerability Moderate
CVE-2023-6148 was published for com.qualys.plugins:qualys-pc (Maven) Jan 9, 2024
OpenCRX Cross-site Scripting vulnerability Moderate
CVE-2023-27150 was published for org.opencrx:opencrx-core (Maven) Dec 26, 2023
WSO2 Registry Stored Cross Site Scripting (XSS) vulnerability Moderate
CVE-2023-6911 was published for org.wso2.carbon.registry:carbon-registry (Maven) Dec 22, 2023
Xnx3 Wangmarket Cross-Site Scripting vulnerability Moderate
CVE-2023-6886 was published for com.xnx3.wangmarket:wangmarket (Maven) Dec 17, 2023
Cross-site Scripting in JFinalcms Moderate
CVE-2023-50100 was published for com.jfinal:jfinal (Maven) Dec 14, 2023
Cross-site Scripting in JFinalcms Moderate
CVE-2023-50101 was published for com.jfinal:jfinal (Maven) Dec 14, 2023
Cross-site Scripting in JFinalcms Moderate
CVE-2023-50102 was published for com.jfinal:jfinal (Maven) Dec 14, 2023
Cross-site Scripting in JFinalcms Moderate
CVE-2023-50137 was published for com.jfinal:jfinal (Maven) Dec 14, 2023
Cross-site Scripting in silverpeas Moderate
CVE-2023-47324 was published for org.silverpeas.core:silverpeas-core-api (Maven) Dec 13, 2023
Cross-site Scripting in JFinalCMS Moderate
CVE-2023-49486 was published for com.jfinal:jfinal (Maven) Dec 8, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database