GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
26,872 advisories
Filter by severity
A cross-site scripting (XSS) vulnerability in Student Study Center Management System V 1.0 allows...
Moderate
Unreviewed
CVE-2022-47102
was published
Jan 13, 2023
An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 before 15...
Moderate
Unreviewed
CVE-2022-3573
was published
Jan 12, 2023
An issue was discovered in Open Ticket Request System (OTRS) 7.x through 7.0.6 and Community...
Moderate
Unreviewed
CVE-2019-10067
was published
May 24, 2022
A cross-site scripting (XSS) vulnerability in the component /admin/register.php of Online Student...
Moderate
Unreviewed
CVE-2022-46503
was published
Jan 12, 2023
An issue was discovered in Nim before 1.6.2. The RST module of the Nim language stdlib, as used...
Moderate
Unreviewed
CVE-2021-46872
was published
Jan 13, 2023
A vulnerability classified as problematic was found in jianlinwei cool-php-captcha up to 0.2....
Moderate
Unreviewed
CVE-2009-10001
was published
Jan 13, 2023
The MonsterInsights WordPress plugin before 8.9.1 does not sanitize or escape page titles in the...
Moderate
Unreviewed
CVE-2022-3904
was published
Jan 16, 2023
A vulnerability was found in saemorris TheRadSystem. It has been classified as problematic....
Moderate
Unreviewed
CVE-2023-0327
was published
Jan 16, 2023
The WP Attachments WordPress plugin through 5.0.5 does not sanitise and escape some of its...
Moderate
Unreviewed
CVE-2022-4330
was published
Jan 16, 2023
The Custom Post Types and Custom Fields creator WordPress plugin before 2.3.3 does not sanitize...
Moderate
Unreviewed
CVE-2022-4442
was published
Jan 16, 2023
A cross-site scripting (XSS) vulnerability in the LISTSERV 17 web interface allows remote...
Moderate
Unreviewed
CVE-2022-39195
was published
Jan 17, 2023
Themify Portfolio Post WordPress plugin before 1.2.1 does not validate and escapes some of its...
Moderate
Unreviewed
CVE-2022-4464
was published
Jan 16, 2023
A XSS vulnerability was found in phoromatic_r_add_test_details.php in phoronix-test-suite.
Moderate
Unreviewed
CVE-2022-40704
was published
Jan 17, 2023
The Easy Accordion WordPress plugin before 2.2.0 does not validate and escape some of its...
Moderate
Unreviewed
CVE-2022-4487
was published
Jan 16, 2023
The Sidebar Widgets by CodeLights WordPress plugin through 1.4 does not validate and escape some...
Moderate
Unreviewed
CVE-2022-4460
was published
Jan 16, 2023
CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.793 (Free/Open Source Version), 0.9.8.753 ...
Moderate
Unreviewed
CVE-2019-11429
was published
May 24, 2022
The 3D FlipBook WordPress plugin through 1.13.2 does not validate or escape some of its shortcode...
Moderate
Unreviewed
CVE-2022-4453
was published
Jan 16, 2023
The WOOCS WordPress plugin before 1.3.9.4 does not validate and escape some of its shortcode...
Moderate
Unreviewed
CVE-2022-4431
was published
Jan 16, 2023
The Social Sharing WordPress plugin before 3.3.45 does not validate and escape some of its...
Moderate
Unreviewed
CVE-2022-4451
was published
Jan 16, 2023
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.846, Reflected XSS in filemanager2.php ...
Moderate
Unreviewed
CVE-2019-13387
was published
May 24, 2022
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.837, XSS in the domain parameter allows a...
Moderate
Unreviewed
CVE-2019-13476
was published
May 24, 2022
XSS was discovered in CentOS-WebPanel.com (aka CWP) CentOS Web Panel through 0.9.8.747 via the...
Moderate
Unreviewed
CVE-2019-12190
was published
May 24, 2022
The Mesmerize Companion WordPress plugin before 1.6.135 does not validate and escape some of its...
Moderate
Unreviewed
CVE-2022-4481
was published
Jan 16, 2023
The WP Video Lightbox WordPress plugin before 1.9.7 does not validate and escape some of its...
Moderate
Unreviewed
CVE-2022-4465
was published
Jan 16, 2023
The Insert Pages WordPress plugin before 3.7.5 does not validate and escape some of its shortcode...
Moderate
Unreviewed
CVE-2022-4483
was published
Jan 16, 2023
ProTip!
Advisories are also available from the
GraphQL API