Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,000
Erlang
29
GitHub Actions
16
Go
1,787
Maven
5,000+
npm
3,547
NuGet
622
pip
3,143
Pub
10
RubyGems
839
Rust
796
Swift
34
Unreviewed advisories
All unreviewed
5,000+

26,959 advisories

Loading
The Breakdance plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed
CVE-2024-5330 was published Aug 1, 2024
The Blog2Social: Social Media Auto Post & Scheduler plugin for WordPress is vulnerable to Stored... Moderate Unreviewed
CVE-2024-7302 was published Aug 1, 2024
A vulnerability was found in Baidu UEditor 1.4.2. It has been declared as problematic. This... Moderate Unreviewed
CVE-2024-7343 was published Aug 1, 2024
ZITADEL has improper HTML sanitization in emails and Console UI Moderate
CVE-2024-41953 was published for github.com/zitadel/zitadel (Go) Jul 31, 2024
livio-a
eZ Platform Admin UI vulnerable to DOM-based Cross-site Scripting in file upload widget Moderate
GHSA-gc5h-6jx9-q2qh was published for ezsystems/ezplatform-admin-ui (Composer) Jul 31, 2024
XWiki Platform vulnerable to Cross-Site Scripting (XSS) through conflict resolution Critical
CVE-2024-41947 was published for org.xwiki.platform:xwiki-platform-web-templates (Maven) Jul 31, 2024
A “CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')”... High Unreviewed
CVE-2024-31199 was published Jul 31, 2024
The Download Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed
CVE-2024-6208 was published Jul 31, 2024
Ibexa Admin UI vulnerable to DOM-based Cross-site Scripting in file upload widget Moderate
CVE-2024-39318 was published for ibexa/admin-ui (Composer) Jul 31, 2024
4rdr
A vulnerability classified as problematic was found in itsourcecode Online Blood Bank Management... Moderate Unreviewed
CVE-2024-7321 was published Jul 31, 2024
A vulnerability was found in SourceCodester Record Management System 1.0. It has been classified... Moderate Unreviewed
CVE-2024-7309 was published Jul 31, 2024
A vulnerability was found in SourceCodester Record Management System 1.0. It has been declared as... Moderate Unreviewed
CVE-2024-7310 was published Jul 31, 2024
The Formidable Forms – Contact Form Plugin, Survey, Quiz, Payment, Calculator Form & Custom Form... Moderate Unreviewed
CVE-2024-6725 was published Jul 31, 2024
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as problematic has been found in Bolt... Moderate Unreviewed
CVE-2024-7300 was published Jul 31, 2024
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Bolt CMS 3.7.1. It has been rated as... Moderate Unreviewed
CVE-2024-7299 was published Jul 31, 2024
A vulnerability was found in itsourcecode Online Blood Bank Management System 1.0. It has been... Moderate Unreviewed
CVE-2024-7303 was published Jul 31, 2024
A vulnerability has been found in SourceCodester Establishment Billing Management System 1.0 and... Moderate Unreviewed
CVE-2024-7285 was published Jul 31, 2024
The Lifetime free Drag & Drop Contact Form Builder for WordPress VForm plugin for WordPress is... High Unreviewed
CVE-2024-6770 was published Jul 31, 2024
A vulnerability, which was classified as problematic, was found in SourceCodester Lot Reservation... Moderate Unreviewed
CVE-2024-7284 was published Jul 31, 2024
The SiteOrigin Widgets Bundle plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed
CVE-2024-5901 was published Jul 30, 2024
Improper Neutralization of Input During Web Page Generation vulnerability in Stackposts Social... High Unreviewed
CVE-2024-7127 was published Jul 30, 2024
A vulnerability was found in SourceCodester Insurance Management System 1.0. It has been... Moderate Unreviewed
CVE-2024-7225 was published Jul 30, 2024
Matrix - CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site... Moderate Unreviewed
CVE-2024-38430 was published Jul 30, 2024
The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed
CVE-2024-7100 was published Jul 30, 2024
A vulnerability was found in SourceCodester School Log Management System 1.0. It has been rated... Moderate Unreviewed
CVE-2024-7218 was published Jul 30, 2024
ProTip! Advisories are also available from the GraphQL API