GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,985
Erlang
29
GitHub Actions
16
Go
1,774
Maven
5,000
npm
3,541
NuGet
617
pip
3,123
Pub
10
RubyGems
838
Rust
790
Swift
34
Unreviewed advisories
All unreviewed
5,000+
26,660 advisories
Filter by severity
Foxlor cross-site scripting (XSS) vulnerability
Moderate
CVE-2020-28957
was published
for
froxlor/froxlor
(Composer)
May 24, 2022
A cross-site scripting (XSS) vulnerability in NSK User Agent String Switcher Service v0.3.5...
Moderate
Unreviewed
CVE-2020-23054
was published
May 24, 2022
SugarCRM v6.5.18 was discovered to contain a cross-site scripting (XSS) vulnerability in the...
Moderate
Unreviewed
CVE-2020-28955
was published
May 24, 2022
Multiple cross-site scripting (XSS) vulnerabilities in the Sales module of SugarCRM v6.5.18...
Moderate
Unreviewed
CVE-2020-28956
was published
May 24, 2022
ANCOM WLAN Controller (Wireless Series & Hotspot) WLC-1000 & WLC-4006 was discovered to contain...
Moderate
Unreviewed
CVE-2020-23055
was published
May 24, 2022
Draytek VigorAP 1000C contains a stored cross-site scripting (XSS) vulnerability in the RADIUS...
Moderate
Unreviewed
CVE-2020-28968
was published
May 24, 2022
Perfex CRM v2.4.4 was discovered to contain a stored cross-site scripting (XSS) vulnerability in...
Moderate
Unreviewed
CVE-2020-28961
was published
May 24, 2022
DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in...
Moderate
Unreviewed
CVE-2020-36496
was published
May 24, 2022
DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in...
Moderate
Unreviewed
CVE-2020-36497
was published
May 24, 2022
DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in...
Moderate
Unreviewed
CVE-2020-36492
was published
May 24, 2022
DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in...
Moderate
Unreviewed
CVE-2020-36493
was published
May 24, 2022
DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in...
Moderate
Unreviewed
CVE-2020-36494
was published
May 24, 2022
DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in...
Moderate
Unreviewed
CVE-2020-36491
was published
May 24, 2022
DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in...
Moderate
Unreviewed
CVE-2020-36490
was published
May 24, 2022
Dropouts Technologies LLP Air Share v1.2 was discovered to contain a cross-site scripting (XSS)...
Moderate
Unreviewed
CVE-2020-36489
was published
May 24, 2022
Swift File Transfer Mobile v1.1.2 and below was discovered to contain a cross-site scripting (XSS...
Moderate
Unreviewed
CVE-2020-36486
was published
May 24, 2022
TAO Open Source Assessment Platform v3.3.0 RC02 was discovered to contain a cross-site scripting ...
Moderate
Unreviewed
CVE-2020-36499
was published
May 24, 2022
DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in...
Moderate
Unreviewed
CVE-2020-36495
was published
May 24, 2022
Multiple cross-site scripting (XSS) vulnerabilities in the Support module of SugarCRM v6.5.18...
Moderate
Unreviewed
CVE-2020-36501
was published
May 24, 2022
Swift File Transfer Mobile v1.1.2 was discovered to contain a cross-site scripting (XSS)...
Moderate
Unreviewed
CVE-2020-36502
was published
May 24, 2022
Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine ...
Moderate
Unreviewed
CVE-2021-34738
was published
May 24, 2022
Macrob7 Macs Framework Content Management System - 1.14f contains a cross-site scripting (XSS)...
Moderate
Unreviewed
CVE-2020-36498
was published
May 24, 2022
Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine ...
Moderate
Unreviewed
CVE-2021-40121
was published
May 24, 2022
A vulnerability in the web-based management interface of Cisco TelePresence Management Suite (TMS...
Moderate
Unreviewed
CVE-2021-34760
was published
May 24, 2022
A vulnerability in the web-based management interface of Cisco Tetration could allow an...
Moderate
Unreviewed
CVE-2021-34789
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API