GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,051
Erlang
29
GitHub Actions
19
Go
1,887
Maven
5,000+
npm
3,602
NuGet
638
pip
3,205
Pub
10
RubyGems
852
Rust
816
Swift
35
Unreviewed advisories
All unreviewed
5,000+
27,653 advisories
Filter by severity
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-43936
was published
Aug 29, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-43946
was published
Aug 29, 2024
A cross-site scripting (XSS) vulnerability in DedeBIZ v6.3.0 allows attackers to execute...
Moderate
Unreviewed
CVE-2024-44717
was published
Aug 29, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-43935
was published
Aug 29, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-43952
was published
Aug 29, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-43948
was published
Aug 29, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-43949
was published
Aug 29, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-43951
was published
Aug 29, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-43961
was published
Aug 29, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-43964
was published
Aug 29, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-43934
was published
Aug 29, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-43960
was published
Aug 29, 2024
A cross-site scripting (XSS) vulnerability in the component admin_ads.php of SeaCMS v12.9 allows...
Moderate
Unreviewed
CVE-2024-44919
was published
Aug 29, 2024
PhpSpreadsheet HTML writer is vulnerable to Cross-Site Scripting via style information
Moderate
CVE-2024-45046
was published
for
phpoffice/phpspreadsheet
(Composer)
Aug 29, 2024
HTML injection in Jupyter Notebook and JupyterLab leading to DOM Clobbering
High
CVE-2024-43805
was published
for
jupyterlab
(pip)
Aug 29, 2024
The FunnelKit Funnel Builder Pro plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate
Unreviewed
CVE-2024-1056
was published
Aug 29, 2024
The Premium Portfolio Features for Phlox theme plugin for WordPress is vulnerable to Stored Cross...
Moderate
Unreviewed
CVE-2024-1384
was published
Aug 29, 2024
The Front End Users plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
Moderate
Unreviewed
CVE-2024-7606
was published
Aug 29, 2024
The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to Stored Cross...
Moderate
Unreviewed
CVE-2024-7895
was published
Aug 29, 2024
Reflected Cross-Site Scripting (XSS) in Shift Logbook application of B&R APROL <= R 4.4-00P3 may...
Moderate
Unreviewed
CVE-2024-5624
was published
Aug 29, 2024
The WP To Do plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Comment in all...
Moderate
Unreviewed
CVE-2024-3944
was published
Aug 29, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-43986
was published
Aug 29, 2024
Ruoyi v4.7.9 and before was discovered to contain a cross-site scripting (XSS) vulnerability via...
Moderate
Unreviewed
CVE-2024-42900
was published
Aug 28, 2024
HyperView Geoportal Toolkit in versions though 8.2.4 is vulnerable to Reflected Cross-Site...
Moderate
Unreviewed
CVE-2024-6450
was published
Aug 28, 2024
Improper Neutralization of Input During Web Page Generation vulnerability in "Update of Personal...
High
Unreviewed
CVE-2024-7269
was published
Aug 28, 2024
ProTip!
Advisories are also available from the
GraphQL API