GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,194
Composer 4,342
Erlang 31
GitHub Actions 22
Go 2,106
Maven 5,281
npm 3,764
NuGet 679
pip 3,451
Pub 12
RubyGems 892
Rust 886
Swift 37

Unreviewed advisories

All unreviewed 243,149

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

139 advisories

Filter by severity

Sort by

Least recently updated

A stored cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IQ... Moderate Unreviewed

CVE-2024-47139 was published Oct 16, 2024

There is an HTML injection vulnerability in Esri Portal for ArcGIS versions 11.0 and below that... Moderate Unreviewed

CVE-2024-38039 was published Oct 4, 2024

The Broken Link Checker plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due... High Unreviewed

CVE-2024-8981 was published Oct 1, 2024

The Store Hours for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site... Moderate Unreviewed

CVE-2024-8872 was published Sep 26, 2024

The MC4WP: Mailchimp for WordPress plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2024-8680 was published Sep 21, 2024

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in TE... High Unreviewed

CVE-2024-2010 was published Sep 12, 2024

XSS in the view page with the SLA column configured in Checkmk versions prior to 2.3.0p14, 2.2... Moderate Unreviewed

CVE-2024-38859 was published Aug 26, 2024

A vulnerability, which was classified as problematic, has been found in ClassCMS 4.8. Affected by... Moderate Unreviewed

CVE-2024-8145 was published Aug 25, 2024

The Responsive video plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2024-7629 was published Aug 21, 2024

Priority - CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) Moderate Unreviewed

CVE-2024-41697 was published Aug 20, 2024

Mashov - CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) Moderate Unreviewed

CVE-2024-41693 was published Jul 30, 2024

An reflected XSS vulnerability exists in the handling of invalid paths in the Flask server in... High Unreviewed

CVE-2024-32484 was published Jul 22, 2024

Cross Site Scripting vulnerability in Eskooly Web Product v.3.0 and before allows a remote... Moderate Unreviewed

CVE-2024-27716 was published Jul 5, 2024

Stored XSS in Checkmk before versions 2.3.0p8, 2.2.0p29, 2.1.0p45, and 2.0.0 (EOL) allows users... Moderate Unreviewed

CVE-2024-6052 was published Jul 3, 2024

Stored XSS in the Crash Report page in Checkmk before versions 2.3.0p7, 2.2.0p28, 2.1.0p45, and 2... Moderate Unreviewed

CVE-2024-28832 was published Jun 25, 2024

Stored XSS in some confirmation pop-ups in Checkmk before versions 2.3.0p7 and 2.2.0p28 allows... Moderate Unreviewed

CVE-2024-28831 was published Jun 25, 2024

Cross Site Scripting vulnerability in Anchor CMS v.0.12.7 allows a remote attacker to execute... Moderate Unreviewed

CVE-2024-37732 was published Jun 24, 2024

A vulnerability, which was classified as problematic, was found in playSMS 1.4.3. Affected is an... Moderate Unreviewed

CVE-2024-6251 was published Jun 22, 2024

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in... Moderate Unreviewed

CVE-2022-38055 was published Jun 21, 2024

A vulnerability classified as problematic has been found in EZ-Suite EZ-Partner 5. Affected is an... Moderate Unreviewed

CVE-2024-6183 was published Jun 20, 2024

A vulnerability was found in Genexis Tilgin Home Gateway 322_AS0500-03_05_13_05. It has been... Moderate Unreviewed

CVE-2024-6108 was published Jun 18, 2024

zhimengzhe iBarn v1.5 was discovered to contain a reflected cross-site scripting (XSS)... Moderate Unreviewed

CVE-2024-38469 was published Jun 17, 2024

Stored XSS in inventory tree rendering in Checkmk before 2.3.0p7, 2.2.0p28, 2.1.0p45 and 2.0.0 (EOL) Moderate Unreviewed

CVE-2024-5741 was published Jun 17, 2024

Verint - CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) Moderate Unreviewed

CVE-2024-36395 was published Jun 13, 2024

A vulnerability classified as problematic has been found in playSMS up to 1.4.7. Affected is an... Moderate Unreviewed

CVE-2024-5851 was published Jun 11, 2024

Previous 1 2 3 4 5 6 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

139 advisories