Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,985
Erlang
29
GitHub Actions
16
Go
1,774
Maven
5,000
npm
3,541
NuGet
617
pip
3,123
Pub
10
RubyGems
838
Rust
790
Swift
34
Unreviewed advisories
All unreviewed
5,000+

26,660 advisories

Loading
Foxlor cross-site scripting (XSS) vulnerability Moderate
CVE-2020-28957 was published for froxlor/froxlor (Composer) May 24, 2022
A cross-site scripting (XSS) vulnerability in NSK User Agent String Switcher Service v0.3.5... Moderate Unreviewed
CVE-2020-23054 was published May 24, 2022
SugarCRM v6.5.18 was discovered to contain a cross-site scripting (XSS) vulnerability in the... Moderate Unreviewed
CVE-2020-28955 was published May 24, 2022
Multiple cross-site scripting (XSS) vulnerabilities in the Sales module of SugarCRM v6.5.18... Moderate Unreviewed
CVE-2020-28956 was published May 24, 2022
ANCOM WLAN Controller (Wireless Series & Hotspot) WLC-1000 & WLC-4006 was discovered to contain... Moderate Unreviewed
CVE-2020-23055 was published May 24, 2022
Draytek VigorAP 1000C contains a stored cross-site scripting (XSS) vulnerability in the RADIUS... Moderate Unreviewed
CVE-2020-28968 was published May 24, 2022
Perfex CRM v2.4.4 was discovered to contain a stored cross-site scripting (XSS) vulnerability in... Moderate Unreviewed
CVE-2020-28961 was published May 24, 2022
DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in... Moderate Unreviewed
CVE-2020-36496 was published May 24, 2022
DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in... Moderate Unreviewed
CVE-2020-36497 was published May 24, 2022
DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in... Moderate Unreviewed
CVE-2020-36492 was published May 24, 2022
DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in... Moderate Unreviewed
CVE-2020-36493 was published May 24, 2022
DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in... Moderate Unreviewed
CVE-2020-36494 was published May 24, 2022
DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in... Moderate Unreviewed
CVE-2020-36491 was published May 24, 2022
DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in... Moderate Unreviewed
CVE-2020-36490 was published May 24, 2022
Dropouts Technologies LLP Air Share v1.2 was discovered to contain a cross-site scripting (XSS)... Moderate Unreviewed
CVE-2020-36489 was published May 24, 2022
Swift File Transfer Mobile v1.1.2 and below was discovered to contain a cross-site scripting (XSS... Moderate Unreviewed
CVE-2020-36486 was published May 24, 2022
TAO Open Source Assessment Platform v3.3.0 RC02 was discovered to contain a cross-site scripting ... Moderate Unreviewed
CVE-2020-36499 was published May 24, 2022
DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in... Moderate Unreviewed
CVE-2020-36495 was published May 24, 2022
Multiple cross-site scripting (XSS) vulnerabilities in the Support module of SugarCRM v6.5.18... Moderate Unreviewed
CVE-2020-36501 was published May 24, 2022
Swift File Transfer Mobile v1.1.2 was discovered to contain a cross-site scripting (XSS)... Moderate Unreviewed
CVE-2020-36502 was published May 24, 2022
Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine ... Moderate Unreviewed
CVE-2021-34738 was published May 24, 2022
Macrob7 Macs Framework Content Management System - 1.14f contains a cross-site scripting (XSS)... Moderate Unreviewed
CVE-2020-36498 was published May 24, 2022
Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine ... Moderate Unreviewed
CVE-2021-40121 was published May 24, 2022
A vulnerability in the web-based management interface of Cisco TelePresence Management Suite (TMS... Moderate Unreviewed
CVE-2021-34760 was published May 24, 2022
A vulnerability in the web-based management interface of Cisco Tetration could allow an... Moderate Unreviewed
CVE-2021-34789 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API