Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+

27,964 advisories

Loading
Vulnerability in Scriptcase version 9.4.019 that consists of a Cross-Site Scripting (XSS), due to... Moderate Unreviewed
CVE-2024-8942 was published Sep 25, 2024
The Contact Form to Any API plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... High Unreviewed
CVE-2024-7617 was published Sep 25, 2024
The Radio Player – Live Shoutcast, Icecast and Any Audio Stream Player for WordPress plugin for... Moderate Unreviewed
CVE-2024-8267 was published Sep 25, 2024
Cross-Site Scripting (XSS) vulnerability in the Oct8ne system. This flaw could allow an attacker... Moderate Unreviewed
CVE-2024-9141 was published Sep 25, 2024
The AnWP Football Leagues plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed
CVE-2024-8917 was published Sep 25, 2024
The Confetti Fall Animation plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed
CVE-2024-8919 was published Sep 25, 2024
Flowise < 2.1.1 suffers from a Stored Cross-Site vulnerability due to a lack of input... Critical Unreviewed
CVE-2024-9148 was published Sep 25, 2024
Cross site scripting in Concrete CMS Low
CVE-2024-7398 was published for concrete5/concrete5 (Composer) Sep 25, 2024
Rocket.Chat 6.12.0, 6.11.2, 6.10.5, 6.9.6, 6.8.6, 6.7.8, and earlier allows stored XSS in the... Moderate Unreviewed
CVE-2024-47048 was published Sep 25, 2024
Rocket.Chat 6.12.0, 6.11.2, 6.10.5, 6.9.6, 6.8.6, 6.7.8, and earlier is vulnerable to DOM-based... Moderate Unreviewed
CVE-2024-46934 was published Sep 25, 2024
The Thanh Toán Quét Mã QR Code Tự Động – MoMo, ViettelPay, VNPay và 40 ngân hàng Việt Nam plugin... High Unreviewed
CVE-2024-8914 was published Sep 25, 2024
Cross Site Scripting (XSS) vulnerability in CS-Cart MultiVendor 4.16.1 allows remote attackers to... Moderate Unreviewed
CVE-2023-26688 was published Sep 25, 2024
ProGauge MAGLINK LX CONSOLE does not have sufficient filtering on input fields that are used to... High Unreviewed
CVE-2024-41725 was published Sep 25, 2024
The XT Ajax Add To Cart for WooCommerce plugin for WordPress is vulnerable to Reflected Cross... Moderate Unreviewed
CVE-2024-8716 was published Sep 24, 2024
The Popup, Optin Form & Email Newsletters for Mailchimp, HubSpot, AWeber – MailOptin plugin for... Moderate Unreviewed
CVE-2024-8628 was published Sep 24, 2024
The Koko Analytics plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to... Moderate Unreviewed
CVE-2024-8662 was published Sep 24, 2024
The Seriously Simple Stats plugin for WordPress is vulnerable to Reflected Cross-Site Scripting... Moderate Unreviewed
CVE-2024-8738 was published Sep 24, 2024
The Pixel Cat – Conversion Pixel Manager plugin for WordPress is vulnerable to Reflected Cross... Moderate Unreviewed
CVE-2024-8544 was published Sep 24, 2024
The Garden Gnome Package plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed
CVE-2024-8657 was published Sep 24, 2024
DOM Clobbering Gadget found in rollup bundled scripts that leads to XSS High
CVE-2024-47068 was published for rollup (npm) Sep 23, 2024
jackfromeast ishmeals
Camaleon CMS vulnerable to stored XSS through user file upload (GHSL-2024-184) Moderate
GHSA-8fx8-3rg2-79xw was published for camaleon_cms (RubyGems) Sep 23, 2024
A Cross-Site Scripting (XSS) vulnerability was identified in the repository transfer feature of... Moderate Unreviewed
CVE-2024-8770 was published Sep 23, 2024
A reflected Cross-Site Scripting (XSS) vulnerability was found on Temenos T24 Browser R19.40 that... Moderate Unreviewed
CVE-2023-46948 was published Sep 23, 2024
PHPGurukul Dairy Farm Shop Management System v1.1 is vulnerable to Cross-Site Scripting (XSS) via... Moderate Unreviewed
CVE-2024-46241 was published Sep 23, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed
CVE-2024-7835 was published Sep 23, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database