Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,651
Erlang
34
GitHub Actions
26
Go
2,252
Maven
5,000+
npm
3,904
NuGet
702
pip
3,676
Pub
12
RubyGems
915
Rust
943
Swift
38
Unreviewed advisories
All unreviewed
5,000+

123 advisories

Loading
LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/includes/html/dev-overview-data.inc.php High
CVE-2024-51495 was published for librenms/librenms (Composer) Nov 15, 2024
RaphaelCSS RaphaelCSSilva
LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/app/Http/Controllers/Table/EditPortsController.php High
CVE-2024-51494 was published for librenms/librenms (Composer) Nov 15, 2024
RaphaelCSS RaphaelCSSilva
LibreNMS has a Persistent XSS from Insecure Input Sanitization Affects Multiple Endpoints High
CVE-2024-50355 was published for librenms/librenms (Composer) Nov 15, 2024
minhnq1618
LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/includes/html/pages/device/overview/services.inc.php High
CVE-2024-50352 was published for librenms/librenms (Composer) Nov 15, 2024
RaphaelCSS RaphaelCSSilva
LibreNMS has a Reflected XSS ('Cross-site Scripting') in librenms/includes/functions.php High
CVE-2024-50351 was published for librenms/librenms (Composer) Nov 15, 2024
RaphaelCSS RaphaelCSSilva
LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/app/Http/Controllers/Table/EditPortsController.php High
CVE-2024-50350 was published for librenms/librenms (Composer) Nov 15, 2024
RaphaelCSS RaphaelCSSilva
LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/includes/html/pages/device/capture.inc.php High
CVE-2024-49764 was published for librenms/librenms (Composer) Nov 15, 2024
RaphaelCSS RaphaelCSSilva
Stored XSS ('Cross-site Scripting') in librenms/includes/html/pages/edituser.inc.php High
CVE-2024-49759 was published for librenms/librenms (Composer) Nov 15, 2024
RaphaelCSS RaphaelCSSilva
LibreNMS has a stored XSS ('Cross-site Scripting') in librenms/includes/html/pages/api-access.inc.php High
CVE-2024-49754 was published for librenms/librenms (Composer) Nov 15, 2024
RaphaelCSS RaphaelCSSilva
Cross Site Scripting vulnerability in Snipe-IT High
CVE-2024-51093 was published for snipe/snipe-it (Composer) Nov 12, 2024
LibreNMS has Stored Cross-site Scripting vulnerability in "Device Group" Name High
CVE-2024-47524 was published for librenms/librenms (Composer) Oct 1, 2024
minhnq1618
Persistent Cross-site Scripting in eZ Platform Rich Text Field Type High
CVE-2024-43372 was published for ezsystems/ezplatform-richtext (Composer) Aug 14, 2024
4rdr
Persistent Cross-site Scripting in Ibexa RichText Field Type High
CVE-2024-43369 was published for ibexa/fieldtype-richtext (Composer) Aug 14, 2024
4rdr
ICEcoder vulnerable to Cross Site Scripting High
CVE-2024-41374 was published for icecoder/icecoder (Composer) Jul 26, 2024
ICEcoder vulnerable to Cross Site Scripting High
CVE-2024-41375 was published for icecoder/icecoder (Composer) Jul 26, 2024
BookStack Incorrect Access Control vulnerability High
CVE-2024-36676 was published for ssddanbrown/bookstack (Composer) Jul 10, 2024
TYPO3 Arbitrary Code Execution and Cross-Site Scripting in Backend API High
GHSA-x428-565f-8xj2 was published for typo3/cms-core (Composer) May 30, 2024
Passbolt API Stored XSS on first/last name during setup High
GHSA-2f46-4xjm-73x5 was published for passbolt/passbolt_api (Composer) May 20, 2024
Cross-site Scripting vulnerabilities in Neos High
GHSA-6cj3-rc4p-f38f was published for neos/neos (Composer) May 17, 2024
eZ Platform Admin UI Cross-site Scripting vulnerability High
GHSA-q73v-79x3-jv2w was published for ezsystems/ezplatform-admin-ui (Composer) May 15, 2024
Cross-site Scripting in eZFind spellcheck High
GHSA-9cq2-pcgr-8h62 was published for ezsystems/ezfind-ls (Composer) May 15, 2024
Cross-site Scripting (XSS) in DemoBundle/ezdemo bundled VideoJS High
GHSA-jq9q-6p42-qpr7 was published for ezsystems/ezdemo-ls-extension (Composer) May 15, 2024
LibreNMS uses Improper Sanitization on Service template name leads to Stored XSS High
CVE-2024-32479 was published for librenms/librenms (Composer) Apr 22, 2024
rook1337
Dolibarr Application Home Page has HTML injection vulnerability High
CVE-2024-23817 was published for dolibarr/dolibarr (Composer) Apr 18, 2024
saimanikanta1992
Mautic vulnerable to stored cross-site scripting in description field High
CVE-2021-27915 was published for mautic/core (Composer) Apr 11, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database