GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,051
Erlang
29
GitHub Actions
19
Go
1,887
Maven
5,000+
npm
3,602
NuGet
638
pip
3,205
Pub
10
RubyGems
852
Rust
816
Swift
35
Unreviewed advisories
All unreviewed
5,000+
27,653 advisories
Filter by severity
A stored Cross-site Scripting (XSS) vulnerability affecting 3DSwym in 3DSwymer Release on...
High
Unreviewed
CVE-2024-7939
was published
Sep 2, 2024
Improper neutralization of input in Checkmk before version 2.3.0p14 allows attackers to inject...
Low
Unreviewed
CVE-2024-38858
was published
Sep 2, 2024
A stored Cross-site Scripting (XSS) vulnerability affecting 3DDashboard in 3DSwymer from Release...
High
Unreviewed
CVE-2024-7938
was published
Sep 2, 2024
A stored Cross-site Scripting (XSS) vulnerability affecting 3DDashboard in 3DSwymer Release on...
High
Unreviewed
CVE-2024-7932
was published
Sep 2, 2024
A stored Cross-site Scripting (XSS) vulnerability affecting ENOVIA Collaborative Industry...
High
Unreviewed
CVE-2024-8004
was published
Sep 2, 2024
The Flaming Forms WordPress plugin through 1.0.1 does not sanitise and escape some parameters,...
Moderate
Unreviewed
CVE-2024-7691
was published
Sep 2, 2024
CodeAstro MembershipM-PHP (aka Membership Management System in PHP) 1.0 allows add_members.php...
Moderate
Unreviewed
CVE-2024-45528
was published
Sep 2, 2024
A vulnerability classified as problematic was found in Grocy up to 4.2.0. This vulnerability...
Moderate
Unreviewed
CVE-2024-8370
was published
Sep 2, 2024
A vulnerability was found in code-projects Pharmacy Management System 1.0. It has been classified...
Moderate
Unreviewed
CVE-2024-8366
was published
Aug 31, 2024
The WPZOOM Portfolio Lite – Filterable Portfolio Plugin plugin for WordPress is vulnerable to...
Moderate
Unreviewed
CVE-2024-8276
was published
Aug 31, 2024
The Share This Image plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ...
Moderate
Unreviewed
CVE-2024-8108
was published
Aug 31, 2024
The tagDiv Composer plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ...
Moderate
Unreviewed
CVE-2024-3886
was published
Aug 31, 2024
The tagDiv Composer plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ...
Moderate
Unreviewed
CVE-2024-5212
was published
Aug 31, 2024
TpMeCMS 1.3.3.2 is vulnerable to Cross Site Scripting (XSS) in /h.php/page?ref=addtabs via the ...
Moderate
Unreviewed
CVE-2024-44684
was published
Aug 31, 2024
Seacms v13 is vulnerable to Cross Site Scripting (XSS) via admin-video.php.
Moderate
Unreviewed
CVE-2024-44683
was published
Aug 31, 2024
ShopXO 6.2 is vulnerable to Cross Site Scripting (XSS) in the backend that allows attackers to...
Moderate
Unreviewed
CVE-2024-44682
was published
Aug 31, 2024
A cross-site scripting (XSS) vulnerability in the component admin_datarelate.php of SeaCMS v12.9...
Low
Unreviewed
CVE-2024-44918
was published
Aug 30, 2024
Svelte has a potential mXSS vulnerability due to improper HTML escaping
Moderate
CVE-2024-45047
was published
for
svelte
(npm)
Aug 30, 2024
A vulnerability, which was classified as problematic, has been found in SourceCodester Contact...
Moderate
Unreviewed
CVE-2024-8337
was published
Aug 30, 2024
The WP Booking Calendar plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via...
Moderate
Unreviewed
CVE-2024-8274
was published
Aug 30, 2024
The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting...
Moderate
Unreviewed
CVE-2024-7122
was published
Aug 30, 2024
Cross-site scripting vulnerability exists in WRC-X3000GS2-B, WRC-X3000GS2-W, and WRC-X3000GS2A-B...
Moderate
Unreviewed
CVE-2024-34577
was published
Aug 30, 2024
Cross-site scripting vulnerability exists in WAB-I1750-PS and WAB-S1167-PS due to improper...
Moderate
Unreviewed
CVE-2024-42412
was published
Aug 30, 2024
The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting...
Moderate
Unreviewed
CVE-2024-4401
was published
Aug 30, 2024
The Memberpress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ...
Moderate
Unreviewed
CVE-2024-5024
was published
Aug 30, 2024
ProTip!
Advisories are also available from the
GraphQL API