Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,051
Erlang
29
GitHub Actions
19
Go
1,887
Maven
5,000+
npm
3,602
NuGet
638
pip
3,205
Pub
10
RubyGems
852
Rust
816
Swift
35
Unreviewed advisories
All unreviewed
5,000+

27,653 advisories

Loading
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-43936 was published Aug 29, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-43946 was published Aug 29, 2024
A cross-site scripting (XSS) vulnerability in DedeBIZ v6.3.0 allows attackers to execute... Moderate Unreviewed
CVE-2024-44717 was published Aug 29, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-43935 was published Aug 29, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-43952 was published Aug 29, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed
CVE-2024-43948 was published Aug 29, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-43949 was published Aug 29, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-43951 was published Aug 29, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-43961 was published Aug 29, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-43964 was published Aug 29, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-43934 was published Aug 29, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-43960 was published Aug 29, 2024
A cross-site scripting (XSS) vulnerability in the component admin_ads.php of SeaCMS v12.9 allows... Moderate Unreviewed
CVE-2024-44919 was published Aug 29, 2024
PhpSpreadsheet HTML writer is vulnerable to Cross-Site Scripting via style information Moderate
CVE-2024-45046 was published for phpoffice/phpspreadsheet (Composer) Aug 29, 2024
emilvirkki marcinwealthon
neodc
HTML injection in Jupyter Notebook and JupyterLab leading to DOM Clobbering High
CVE-2024-43805 was published for jupyterlab (pip) Aug 29, 2024
jackfromeast ishmeals
RRosio krassowski
The FunnelKit Funnel Builder Pro plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2024-1056 was published Aug 29, 2024
The Premium Portfolio Features for Phlox theme plugin for WordPress is vulnerable to Stored Cross... Moderate Unreviewed
CVE-2024-1384 was published Aug 29, 2024
The Front End Users plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed
CVE-2024-7606 was published Aug 29, 2024
The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to Stored Cross... Moderate Unreviewed
CVE-2024-7895 was published Aug 29, 2024
Reflected Cross-Site Scripting (XSS) in Shift Logbook application of B&R APROL <= R 4.4-00P3 may... Moderate Unreviewed
CVE-2024-5624 was published Aug 29, 2024
The WP To Do plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Comment in all... Moderate Unreviewed
CVE-2024-3944 was published Aug 29, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-43986 was published Aug 29, 2024
Ruoyi v4.7.9 and before was discovered to contain a cross-site scripting (XSS) vulnerability via... Moderate Unreviewed
CVE-2024-42900 was published Aug 28, 2024
HyperView Geoportal Toolkit in versions though 8.2.4 is vulnerable to Reflected Cross-Site... Moderate Unreviewed
CVE-2024-6450 was published Aug 28, 2024
Improper Neutralization of Input During Web Page Generation vulnerability in "Update of Personal... High Unreviewed
CVE-2024-7269 was published Aug 28, 2024
ProTip! Advisories are also available from the GraphQL API