GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,285
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,741
NuGet
668
pip
3,422
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+
1,249 advisories
Filter by severity
Cross-Site Scripting in Content Preview (CType menu)
Moderate
CVE-2021-21370
was published
for
typo3/cms
(Composer)
Mar 23, 2021
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in typo3/cms-form
Moderate
CVE-2021-21358
was published
for
typo3/cms
(Composer)
Mar 23, 2021
Cross-Site Scripting in Content Preview
Moderate
CVE-2021-21340
was published
for
typo3/cms
(Composer)
Mar 23, 2021
Cross-site scripting (XSS)
Moderate
CVE-2020-17551
was published
for
impresscms/impresscms
(Composer)
Mar 12, 2021
Cross-site scripting (XSS)
Moderate
CVE-2021-28088
was published
for
impresscms/impresscms
(Composer)
Mar 12, 2021
XSS in Adminer
Moderate
GHSA-m56g-3g8v-2rxw
was published
for
vrana/adminer
(Composer)
Feb 11, 2021
•
withdrawn
vrana/adminer via XSS in the history parameter in SQL command
Moderate
CVE-2020-35572
was published
for
vrana/adminer
(Composer)
Feb 11, 2021
XSS in Flarum Sticky extension
Moderate
CVE-2021-21283
was published
for
flarum/sticky
(Composer)
Jan 29, 2021
XSS vulnerability in company name field in Mautic
Moderate
CVE-2018-11200
was published
for
mautic/core
(Composer)
Jan 19, 2021
Inline JS XSS vulnerability in Mautic
Moderate
CVE-2017-1000488
was published
for
mautic/core
(Composer)
Jan 19, 2021
XSS vulnerability in theme config file in Mautic
Moderate
CVE-2018-8071
was published
for
mautic/core
(Composer)
Jan 19, 2021
XSS vulnerability in Author URL of themes in Mautic
Moderate
CVE-2018-11198
was published
for
mautic/core
(Composer)
Jan 19, 2021
Cross-site scripting vulnerability in TinyMCE
Moderate
CVE-2024-21911
was published
for
TinyMCE
(Composer)
Jan 6, 2021
Cross-Site Scripting in Fluid view helpers
Moderate
CVE-2020-26227
was published
for
typo3/cms
(Composer)
Dec 21, 2020
Cross-Site Scripting in Grav
Moderate
GHSA-cvmr-6428-87w9
was published
for
getgrav/grav
(Composer)
Dec 10, 2020
Reflected XSS with parameters in PostComment
Moderate
CVE-2020-26225
was published
for
prestashop/productcomments
(Composer)
Nov 16, 2020
Ability to switch customer email address on account detail page and stay verified
Moderate
CVE-2020-15245
was published
for
sylius/sylius
(Composer)
Oct 19, 2020
XSS vulnerability when listing users on add & modify server pages.
Moderate
GHSA-5822-pw57-vv37
was published
for
pterodactyl/panel
(Composer)
Oct 8, 2020
Cross-Site Scripting in ternary conditional operator
Moderate
CVE-2020-15241
was published
for
typo3/cms
(Composer)
Oct 8, 2020
Cross-site Scripting vulnerability in Kitodo.Presentation
Moderate
CVE-2020-16095
was published
for
kitodo/presentation
(Composer)
Jul 31, 2020
Reflected XSS when importing CSV in OctoberCMS
Moderate
CVE-2020-5298
was published
for
october/backend
(Composer)
Jun 3, 2020
Cross-Site Scripting in TYPO3 CMS Link Handling
Moderate
CVE-2020-11065
was published
for
typo3/cms
(Composer)
May 13, 2020
Cross-Site Scripting in TYPO3 CMS Form Engine
Moderate
CVE-2020-11064
was published
for
typo3/cms
(Composer)
May 13, 2020
Cross-Site Scripting in SVG Sanitizer
Moderate
CVE-2020-11070
was published
for
t3g/svg-sanitizer
(Composer)
May 13, 2020
ProTip!
Advisories are also available from the
GraphQL API