GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
27,964 advisories
Filter by severity
Vulnerability in Scriptcase version 9.4.019 that consists of a Cross-Site Scripting (XSS), due to...
Moderate
Unreviewed
CVE-2024-8942
was published
Sep 25, 2024
The Contact Form to Any API plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...
High
Unreviewed
CVE-2024-7617
was published
Sep 25, 2024
The Radio Player – Live Shoutcast, Icecast and Any Audio Stream Player for WordPress plugin for...
Moderate
Unreviewed
CVE-2024-8267
was published
Sep 25, 2024
Cross-Site Scripting (XSS) vulnerability in the Oct8ne system. This flaw could allow an attacker...
Moderate
Unreviewed
CVE-2024-9141
was published
Sep 25, 2024
The AnWP Football Leagues plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...
Moderate
Unreviewed
CVE-2024-8917
was published
Sep 25, 2024
The Confetti Fall Animation plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...
Moderate
Unreviewed
CVE-2024-8919
was published
Sep 25, 2024
Flowise < 2.1.1 suffers from a Stored Cross-Site vulnerability due to a lack of input...
Critical
Unreviewed
CVE-2024-9148
was published
Sep 25, 2024
Cross site scripting in Concrete CMS
Low
CVE-2024-7398
was published
for
concrete5/concrete5
(Composer)
Sep 25, 2024
Rocket.Chat 6.12.0, 6.11.2, 6.10.5, 6.9.6, 6.8.6, 6.7.8, and earlier allows stored XSS in the...
Moderate
Unreviewed
CVE-2024-47048
was published
Sep 25, 2024
Rocket.Chat 6.12.0, 6.11.2, 6.10.5, 6.9.6, 6.8.6, 6.7.8, and earlier is vulnerable to DOM-based...
Moderate
Unreviewed
CVE-2024-46934
was published
Sep 25, 2024
The Thanh Toán Quét Mã QR Code Tự Động – MoMo, ViettelPay, VNPay và 40 ngân hàng Việt Nam plugin...
High
Unreviewed
CVE-2024-8914
was published
Sep 25, 2024
Cross Site Scripting (XSS) vulnerability in CS-Cart MultiVendor 4.16.1 allows remote attackers to...
Moderate
Unreviewed
CVE-2023-26688
was published
Sep 25, 2024
ProGauge MAGLINK LX CONSOLE does not have sufficient filtering on input
fields that are used to...
High
Unreviewed
CVE-2024-41725
was published
Sep 25, 2024
The XT Ajax Add To Cart for WooCommerce plugin for WordPress is vulnerable to Reflected Cross...
Moderate
Unreviewed
CVE-2024-8716
was published
Sep 24, 2024
The Popup, Optin Form & Email Newsletters for Mailchimp, HubSpot, AWeber – MailOptin plugin for...
Moderate
Unreviewed
CVE-2024-8628
was published
Sep 24, 2024
The Koko Analytics plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to...
Moderate
Unreviewed
CVE-2024-8662
was published
Sep 24, 2024
The Seriously Simple Stats plugin for WordPress is vulnerable to Reflected Cross-Site Scripting...
Moderate
Unreviewed
CVE-2024-8738
was published
Sep 24, 2024
The Pixel Cat – Conversion Pixel Manager plugin for WordPress is vulnerable to Reflected Cross...
Moderate
Unreviewed
CVE-2024-8544
was published
Sep 24, 2024
The Garden Gnome Package plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...
Moderate
Unreviewed
CVE-2024-8657
was published
Sep 24, 2024
DOM Clobbering Gadget found in rollup bundled scripts that leads to XSS
High
CVE-2024-47068
was published
for
rollup
(npm)
Sep 23, 2024
Camaleon CMS vulnerable to stored XSS through user file upload (GHSL-2024-184)
Moderate
GHSA-8fx8-3rg2-79xw
was published
for
camaleon_cms
(RubyGems)
Sep 23, 2024
A Cross-Site Scripting (XSS) vulnerability was identified in the repository transfer feature of...
Moderate
Unreviewed
CVE-2024-8770
was published
Sep 23, 2024
A reflected Cross-Site Scripting (XSS) vulnerability was found on Temenos T24 Browser R19.40 that...
Moderate
Unreviewed
CVE-2023-46948
was published
Sep 23, 2024
PHPGurukul Dairy Farm Shop Management System v1.1 is vulnerable to Cross-Site Scripting (XSS) via...
Moderate
Unreviewed
CVE-2024-46241
was published
Sep 23, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-7835
was published
Sep 23, 2024
ProTip!
Advisories are also available from the
GraphQL API