Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,293
Erlang
31
GitHub Actions
21
Go
2,061
Maven
5,000+
npm
3,744
NuGet
668
pip
3,423
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+

119 advisories

Loading
usememos/memos vulnerable to stored Cross-site Scripting Moderate
CVE-2022-4691 was published for github.com/usememos/memos (Go) Dec 27, 2022
usememos/memos vulnerable to stored Cross-site Scripting Moderate
CVE-2022-4692 was published for github.com/usememos/memos (Go) Dec 23, 2022
usememos/memos vulnerable to stored cross-site scripting (XSS) Moderate
CVE-2022-4690 was published for github.com/usememos/memos (Go) Dec 23, 2022
studygolang vulnerable to cross-site scripting Moderate
CVE-2021-4272 was published for github.com/studygolang/studygolang (Go) Dec 21, 2022
andrewpollock
leanote vulnerable to cross-site scripting Moderate
CVE-2021-4263 was published for github.com/leanote/leanote (Go) Dec 21, 2022
Memos Cross-site Scripting vulnerability Moderate
CVE-2022-4609 was published for github.com/usememos/memos (Go) Dec 19, 2022
csaf-poc/csaf_distribution Cross-site Scripting vulnerability Moderate
CVE-2022-43996 was published for github.com/csaf-poc/csaf_distribution (Go) Dec 14, 2022
tdunlap607
Alist Cross-site Scripting vulnerability Moderate
CVE-2022-45970 was published for github.com/alist-org/alist/v3 (Go) Dec 12, 2022
mm-wiki is vulnerable to Cross-Site Scripting (XSS) Moderate
CVE-2021-40289 was published for github.com/phachon/mm-wiki (Go) Nov 10, 2022
Dutchoders transfer.sh contains an XSS vulnerability via malicious file upload Moderate
CVE-2022-40931 was published for github.com/dutchcoders/transfer.sh (Go) Sep 30, 2022
Cross site scripting in Cloudreve Moderate
CVE-2022-32167 was published for github.com/HFO4/cloudreve (Go) Sep 21, 2022
renbaoshuo
SFTPGo WebClient vulnerable to Cross-site Scripting Moderate
CVE-2022-39220 was published for github.com/drakkan/sftpgo (Go) Sep 20, 2022
ouqiang gocron Cross-site scripting vulnerability Moderate
CVE-2022-40365 was published for github.com/ouqiang/gocron (Go) Sep 15, 2022
Cross-site Scripting vulnerability in repository issue list in Gogs Moderate
CVE-2022-31038 was published for gogs.io/gogs (Go) Jun 8, 2022
wuhan005
Stored Cross-site Scripting in gitea Moderate
CVE-2022-1928 was published for code.gitea.io/gitea (Go) May 30, 2022
openark/orchestrator cross-site scripting vulnerability Moderate
CVE-2021-27940 was published for github.com/openark/orchestrator (Go) May 24, 2022
InfluxDB Reflected Cross-site Scripting Moderate
CVE-2018-17572 was published for github.com/influxdata/influxdb (Go) May 24, 2022
Cross-site Scripting in Gogs Moderate
CVE-2022-1464 was published for gogs.io/gogs (Go) May 24, 2022
HashiCorp Consul Cross-site Scripting vulnerability Moderate
CVE-2020-25864 was published for github.com/hashicorp/consul (Go) May 24, 2022
Rancher Cross-site Scripting Vulnerability Moderate
CVE-2021-25313 was published for github.com/rancher/rancher (Go) May 24, 2022
Grafana XSS via a query alias for the ElasticSearch datasource Moderate
CVE-2020-24303 was published for github.com/grafana/grafana (Go) May 24, 2022
Grafana stored XSS Moderate
CVE-2020-11110 was published for github.com/grafana/grafana (Go) May 24, 2022
Grafana XSS via a column style Moderate
CVE-2018-18624 was published for github.com/grafana/grafana (Go) May 24, 2022
Grafana XSS via the OpenTSDB datasource Moderate
CVE-2020-13430 was published for github.com/grafana/grafana (Go) May 24, 2022
Grafana XSS in header column rename Moderate
CVE-2020-12245 was published for github.com/grafana/grafana (Go) May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database