GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,000
Erlang: 29
GitHub Actions: 16
Go: 1,787
Maven: 5,000+
npm: 3,547
NuGet: 622
pip: 3,143
Pub: 10
RubyGems: 839
Rust: 796
Swift: 34

Unreviewed advisories
All unreviewed: 5,000+
26,959 advisories

The Breakdance plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
Moderate | Unreviewed | CVE-2024-5330 was published Aug 1, 2024

The Blog2Social: Social Media Auto Post & Scheduler plugin for WordPress is vulnerable to Stored...
Moderate | Unreviewed | CVE-2024-7302 was published Aug 1, 2024

A vulnerability was found in Baidu UEditor 1.4.2. It has been declared as problematic. This...
Moderate | Unreviewed | CVE-2024-7343 was published Aug 1, 2024

ZITADEL has improper HTML sanitization in emails and Console UI
Moderate | CVE-2024-41953 was published for github.com/zitadel/zitadel (Go) Jul 31, 2024

eZ Platform Admin UI vulnerable to DOM-based Cross-site Scripting in file upload widget
Moderate | GHSA-gc5h-6jx9-q2qh was published for ezsystems/ezplatform-admin-ui (Composer) Jul 31, 2024

XWiki Platform vulnerable to Cross-Site Scripting (XSS) through conflict resolution
Critical | CVE-2024-41947 was published for org.xwiki.platform:xwiki-platform-web-templates (Maven) Jul 31, 2024

A “CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')”...
High | Unreviewed | CVE-2024-31199 was published Jul 31, 2024

The Download Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
Moderate | Unreviewed | CVE-2024-6208 was published Jul 31, 2024

Ibexa Admin UI vulnerable to DOM-based Cross-site Scripting in file upload widget
Moderate | CVE-2024-39318 was published for ibexa/admin-ui (Composer) Jul 31, 2024

A vulnerability classified as problematic was found in itsourcecode Online Blood Bank Management...
Moderate | Unreviewed | CVE-2024-7321 was published Jul 31, 2024

A vulnerability was found in SourceCodester Record Management System 1.0. It has been classified...
Moderate | Unreviewed | CVE-2024-7309 was published Jul 31, 2024

A vulnerability was found in SourceCodester Record Management System 1.0. It has been declared as...
Moderate | Unreviewed | CVE-2024-7310 was published Jul 31, 2024

The Formidable Forms – Contact Form Plugin, Survey, Quiz, Payment, Calculator Form & Custom Form...
Moderate | Unreviewed | CVE-2024-6725 was published Jul 31, 2024

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as problematic has been found in Bolt...
Moderate | Unreviewed | CVE-2024-7300 was published Jul 31, 2024

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Bolt CMS 3.7.1. It has been rated as...
Moderate | Unreviewed | CVE-2024-7299 was published Jul 31, 2024

A vulnerability was found in itsourcecode Online Blood Bank Management System 1.0. It has been...
Moderate | Unreviewed | CVE-2024-7303 was published Jul 31, 2024

A vulnerability has been found in SourceCodester Establishment Billing Management System 1.0 and...
Moderate | Unreviewed | CVE-2024-7285 was published Jul 31, 2024

The Lifetime free Drag & Drop Contact Form Builder for WordPress VForm plugin for WordPress is...
High | Unreviewed | CVE-2024-6770 was published Jul 31, 2024

A vulnerability, which was classified as problematic, was found in SourceCodester Lot Reservation...
Moderate | Unreviewed | CVE-2024-7284 was published Jul 31, 2024

The SiteOrigin Widgets Bundle plugin for WordPress is vulnerable to Stored Cross-Site Scripting...
Moderate | Unreviewed | CVE-2024-5901 was published Jul 30, 2024

Improper Neutralization of Input During Web Page Generation vulnerability in Stackposts Social...
High | Unreviewed | CVE-2024-7127 was published Jul 30, 2024

A vulnerability was found in SourceCodester Insurance Management System 1.0. It has been...
Moderate | Unreviewed | CVE-2024-7225 was published Jul 30, 2024

Matrix - CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site...
Moderate | Unreviewed | CVE-2024-38430 was published Jul 30, 2024

The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
Moderate | Unreviewed | CVE-2024-7100 was published Jul 30, 2024

A vulnerability was found in SourceCodester School Log Management System 1.0. It has been rated...
Moderate | Unreviewed | CVE-2024-7218 was published Jul 30, 2024

ProTip! Advisories are also available from the GraphQL API