Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,051
Erlang
29
GitHub Actions
19
Go
1,887
Maven
5,000+
npm
3,602
NuGet
638
pip
3,205
Pub
10
RubyGems
852
Rust
816
Swift
35
Unreviewed advisories
All unreviewed
5,000+

27,653 advisories

Loading
A stored Cross-site Scripting (XSS) vulnerability affecting 3DSwym in 3DSwymer Release on... High Unreviewed
CVE-2024-7939 was published Sep 2, 2024
Improper neutralization of input in Checkmk before version 2.3.0p14 allows attackers to inject... Low Unreviewed
CVE-2024-38858 was published Sep 2, 2024
A stored Cross-site Scripting (XSS) vulnerability affecting 3DDashboard in 3DSwymer from Release... High Unreviewed
CVE-2024-7938 was published Sep 2, 2024
A stored Cross-site Scripting (XSS) vulnerability affecting 3DDashboard in 3DSwymer Release on... High Unreviewed
CVE-2024-7932 was published Sep 2, 2024
A stored Cross-site Scripting (XSS) vulnerability affecting ENOVIA Collaborative Industry... High Unreviewed
CVE-2024-8004 was published Sep 2, 2024
The Flaming Forms WordPress plugin through 1.0.1 does not sanitise and escape some parameters,... Moderate Unreviewed
CVE-2024-7691 was published Sep 2, 2024
CodeAstro MembershipM-PHP (aka Membership Management System in PHP) 1.0 allows add_members.php... Moderate Unreviewed
CVE-2024-45528 was published Sep 2, 2024
A vulnerability classified as problematic was found in Grocy up to 4.2.0. This vulnerability... Moderate Unreviewed
CVE-2024-8370 was published Sep 2, 2024
A vulnerability was found in code-projects Pharmacy Management System 1.0. It has been classified... Moderate Unreviewed
CVE-2024-8366 was published Aug 31, 2024
The WPZOOM Portfolio Lite – Filterable Portfolio Plugin plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-8276 was published Aug 31, 2024
The Share This Image plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed
CVE-2024-8108 was published Aug 31, 2024
The tagDiv Composer plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ... Moderate Unreviewed
CVE-2024-3886 was published Aug 31, 2024
The tagDiv Composer plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ... Moderate Unreviewed
CVE-2024-5212 was published Aug 31, 2024
TpMeCMS 1.3.3.2 is vulnerable to Cross Site Scripting (XSS) in /h.php/page?ref=addtabs via the ... Moderate Unreviewed
CVE-2024-44684 was published Aug 31, 2024
Seacms v13 is vulnerable to Cross Site Scripting (XSS) via admin-video.php. Moderate Unreviewed
CVE-2024-44683 was published Aug 31, 2024
ShopXO 6.2 is vulnerable to Cross Site Scripting (XSS) in the backend that allows attackers to... Moderate Unreviewed
CVE-2024-44682 was published Aug 31, 2024
A cross-site scripting (XSS) vulnerability in the component admin_datarelate.php of SeaCMS v12.9... Low Unreviewed
CVE-2024-44918 was published Aug 30, 2024
Svelte has a potential mXSS vulnerability due to improper HTML escaping Moderate
CVE-2024-45047 was published for svelte (npm) Aug 30, 2024
arkark
A vulnerability, which was classified as problematic, has been found in SourceCodester Contact... Moderate Unreviewed
CVE-2024-8337 was published Aug 30, 2024
The WP Booking Calendar plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via... Moderate Unreviewed
CVE-2024-8274 was published Aug 30, 2024
The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed
CVE-2024-7122 was published Aug 30, 2024
Cross-site scripting vulnerability exists in WRC-X3000GS2-B, WRC-X3000GS2-W, and WRC-X3000GS2A-B... Moderate Unreviewed
CVE-2024-34577 was published Aug 30, 2024
Cross-site scripting vulnerability exists in WAB-I1750-PS and WAB-S1167-PS due to improper... Moderate Unreviewed
CVE-2024-42412 was published Aug 30, 2024
The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed
CVE-2024-4401 was published Aug 30, 2024
The Memberpress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ... Moderate Unreviewed
CVE-2024-5024 was published Aug 30, 2024
ProTip! Advisories are also available from the GraphQL API