GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,051
Erlang
29
GitHub Actions
19
Go
1,887
Maven
5,000+
npm
3,602
NuGet
638
pip
3,205
Pub
10
RubyGems
852
Rust
816
Swift
35
Unreviewed advisories
All unreviewed
5,000+
27,653 advisories
Filter by severity
The HubSpot – CRM, Email Marketing, Live Chat, Forms & Analytics plugin for WordPress is...
Moderate
Unreviewed
CVE-2024-5879
was published
Aug 30, 2024
The Enfold - Responsive Multi-Purpose Theme theme for WordPress is vulnerable to Stored Cross...
Moderate
Unreviewed
CVE-2024-5061
was published
Aug 30, 2024
The Betheme theme for WordPress is vulnerable to Stored Cross-Site Scripting via several of the...
Moderate
Unreviewed
CVE-2024-3998
was published
Aug 30, 2024
Easy test Online Learning and Testing Platform from HWA JIUH DIGITAL TECHNOLOGY does not properly...
Moderate
Unreviewed
CVE-2024-8328
was published
Aug 30, 2024
unmark 1.9.2 is vulnerable to Cross Site Scripting (XSS) via application/views/marks/add_by_url.php.
Moderate
Unreviewed
CVE-2024-41349
was published
Aug 29, 2024
Organizr v1.90 is vulnerable to Cross Site Scripting (XSS) via api.php.
Moderate
Unreviewed
CVE-2024-41371
was published
Aug 29, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-43921
was published
Aug 29, 2024
openflights commit 5234b5b is vulnerable to Cross-Site Scripting (XSS) via php/submit.php
Moderate
Unreviewed
CVE-2024-41346
was published
Aug 29, 2024
bjyadmin commit a560fd5 is vulnerable to Cross Site Scripting (XSS) via Public/statics...
Moderate
Unreviewed
CVE-2024-41350
was published
Aug 29, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-43920
was published
Aug 29, 2024
openflights commit 5234b5b is vulnerable to Cross-Site Scripting (XSS) via php/trip.php
Moderate
Unreviewed
CVE-2024-41345
was published
Aug 29, 2024
openflights commit 5234b5b is vulnerable to Cross-Site Scripting (XSS) via php/settings.php
Moderate
Unreviewed
CVE-2024-41347
was published
Aug 29, 2024
bjyadmin commit a560fd5 is vulnerable to Cross Site Scripting (XSS) via Public/statics...
Moderate
Unreviewed
CVE-2024-41351
was published
Aug 29, 2024
phpipam 1.6 is vulnerable to Cross Site Scripting (XSS) via app\admin\import-export\import-load...
Moderate
Unreviewed
CVE-2024-41358
was published
Aug 29, 2024
openflights commit 5234b5b is vulnerable to Cross-Site Scripting (XSS) via php/alsearch.php
Moderate
Unreviewed
CVE-2024-41348
was published
Aug 29, 2024
Serilog Client IP Spoofing vulnerability
Moderate
CVE-2024-44930
was published
for
Serilog.Enrichers.ClientInfo
(NuGet)
Aug 29, 2024
A reflected cross-site scripting (XSS) vulnerability in the tag parameter in the index page of...
High
Unreviewed
CVE-2024-44777
was published
Aug 29, 2024
A reflected cross-site scripting (XSS) vulnerability in the parent parameter in the index page of...
High
Unreviewed
CVE-2024-44778
was published
Aug 29, 2024
A cross-site scripting (XSS) vulnerability in DedeBIZ v6.3.0 allows attackers to execute...
Moderate
Unreviewed
CVE-2024-44716
was published
Aug 29, 2024
A reflected cross-site scripting (XSS) vulnerability in the viewname parameter in the index page...
High
Unreviewed
CVE-2024-44779
was published
Aug 29, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-43963
was published
Aug 29, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-43950
was published
Aug 29, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-43953
was published
Aug 29, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-43926
was published
Aug 29, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-43958
was published
Aug 29, 2024
ProTip!
Advisories are also available from the
GraphQL API