Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,303
Erlang
31
GitHub Actions
21
Go
2,072
Maven
5,000+
npm
3,744
NuGet
669
pip
3,430
Pub
12
RubyGems
892
Rust
880
Swift
36
Unreviewed advisories
All unreviewed
5,000+

32 advisories

Loading
Cross-site scripting (XSS) from field and configuration text displayed in the Panel High
CVE-2021-32735 was published for getkirby/cms (Composer) Jul 2, 2021
hdodov tdunlap607
Cross-site Scripting in the Flamingo theme manager High
CVE-2022-29251 was published for org.xwiki.platform:xwiki-platform-flamingo-theme-ui (Maven) May 25, 2022
XWiki Platform vulnerable to Cross-site Scripting in the deleted attachments list High
CVE-2022-36096 was published for org.xwiki.platform:xwiki-platform-index-ui (Maven) Sep 16, 2022
XWiki Platform Web Parent POM vulnerable to XSS in the attachment history High
CVE-2022-36094 was published for org.xwiki.platform:xwiki-platform-web (Maven) Sep 16, 2022
XWiki Platform Attachment UI vulnerable to cross-site scripting in the move attachment form High
CVE-2022-36097 was published for org.xwiki.platform:xwiki-platform-attachment-ui (Maven) Sep 16, 2022
An unprivileged user could use the functionality of the NS WooCommerce Watermark WordPress plugin... High Unreviewed
CVE-2022-0989 was published Apr 12, 2022
Cross Site Scripting vulnerability in django-jsonform's admin form. High
GHSA-x9jp-4w8m-4f3c was published for django-jsonform (pip) Jun 10, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database