Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,051
Erlang
29
GitHub Actions
19
Go
1,887
Maven
5,000+
npm
3,602
NuGet
638
pip
3,205
Pub
10
RubyGems
852
Rust
816
Swift
35
Unreviewed advisories
All unreviewed
5,000+

27,653 advisories

Loading
The HubSpot – CRM, Email Marketing, Live Chat, Forms & Analytics plugin for WordPress is... Moderate Unreviewed
CVE-2024-5879 was published Aug 30, 2024
The Enfold - Responsive Multi-Purpose Theme theme for WordPress is vulnerable to Stored Cross... Moderate Unreviewed
CVE-2024-5061 was published Aug 30, 2024
The Betheme theme for WordPress is vulnerable to Stored Cross-Site Scripting via several of the... Moderate Unreviewed
CVE-2024-3998 was published Aug 30, 2024
Easy test Online Learning and Testing Platform from HWA JIUH DIGITAL TECHNOLOGY does not properly... Moderate Unreviewed
CVE-2024-8328 was published Aug 30, 2024
unmark 1.9.2 is vulnerable to Cross Site Scripting (XSS) via application/views/marks/add_by_url.php. Moderate Unreviewed
CVE-2024-41349 was published Aug 29, 2024
Organizr v1.90 is vulnerable to Cross Site Scripting (XSS) via api.php. Moderate Unreviewed
CVE-2024-41371 was published Aug 29, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed
CVE-2024-43921 was published Aug 29, 2024
openflights commit 5234b5b is vulnerable to Cross-Site Scripting (XSS) via php/submit.php Moderate Unreviewed
CVE-2024-41346 was published Aug 29, 2024
bjyadmin commit a560fd5 is vulnerable to Cross Site Scripting (XSS) via Public/statics... Moderate Unreviewed
CVE-2024-41350 was published Aug 29, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-43920 was published Aug 29, 2024
openflights commit 5234b5b is vulnerable to Cross-Site Scripting (XSS) via php/trip.php Moderate Unreviewed
CVE-2024-41345 was published Aug 29, 2024
openflights commit 5234b5b is vulnerable to Cross-Site Scripting (XSS) via php/settings.php Moderate Unreviewed
CVE-2024-41347 was published Aug 29, 2024
bjyadmin commit a560fd5 is vulnerable to Cross Site Scripting (XSS) via Public/statics... Moderate Unreviewed
CVE-2024-41351 was published Aug 29, 2024
phpipam 1.6 is vulnerable to Cross Site Scripting (XSS) via app\admin\import-export\import-load... Moderate Unreviewed
CVE-2024-41358 was published Aug 29, 2024
openflights commit 5234b5b is vulnerable to Cross-Site Scripting (XSS) via php/alsearch.php Moderate Unreviewed
CVE-2024-41348 was published Aug 29, 2024
Serilog Client IP Spoofing vulnerability Moderate
CVE-2024-44930 was published for Serilog.Enrichers.ClientInfo (NuGet) Aug 29, 2024
vbakke
A reflected cross-site scripting (XSS) vulnerability in the tag parameter in the index page of... High Unreviewed
CVE-2024-44777 was published Aug 29, 2024
A reflected cross-site scripting (XSS) vulnerability in the parent parameter in the index page of... High Unreviewed
CVE-2024-44778 was published Aug 29, 2024
A cross-site scripting (XSS) vulnerability in DedeBIZ v6.3.0 allows attackers to execute... Moderate Unreviewed
CVE-2024-44716 was published Aug 29, 2024
A reflected cross-site scripting (XSS) vulnerability in the viewname parameter in the index page... High Unreviewed
CVE-2024-44779 was published Aug 29, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed
CVE-2024-43963 was published Aug 29, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed
CVE-2024-43950 was published Aug 29, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-43953 was published Aug 29, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed
CVE-2024-43926 was published Aug 29, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed
CVE-2024-43958 was published Aug 29, 2024
ProTip! Advisories are also available from the GraphQL API