GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,496
Composer 4,170
Erlang 30
GitHub Actions 19
Go 1,981
Maven 5,155
npm 3,700
NuGet 656
pip 3,319
Pub 11
RubyGems 882
Rust 834
Swift 35

Unreviewed advisories

All unreviewed 232,910

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

23,213 advisories

Filter by severity

Sort by

Least recently updated

WebLaudos v20.8 (118) was discovered to contain a cross-site scripting (XSS) vulnerability via... Moderate Unreviewed

CVE-2024-48312 was published Nov 5, 2024

A Stored Cross-Site Scripting (XSS) Vulnerability in Chamilo LMS 1.11.26 allows a remote attacker... Moderate Unreviewed

CVE-2024-30618 was published Nov 4, 2024

The Photo Gallery by 10Web WordPress plugin before 1.8.28 does not properly sanitise and escape... Moderate Unreviewed

CVE-2024-5968 was published Oct 9, 2024

Cross Site Scripting vulnerability in D-Link DAP products DAP-2230, DAP-2310, DAP-2330, DAP-2360,... Moderate Unreviewed

CVE-2024-28436 was published Apr 22, 2024

Cross Site Scripting (XSS) vulnerability in Xabier Miranda WP Back Button allows Stored XSS.This... Moderate Unreviewed

CVE-2024-35643 was published Jun 3, 2024

Cross-site scripting vulnerability exists in session_login.cgi of Webmin versions prior to 1.970... Moderate Unreviewed

CVE-2024-36453 was published Jul 10, 2024

Opswat Metadefender Core before 5.2.1 does not properly defend against potential HTML injection... Moderate Unreviewed

CVE-2023-25364 was published Mar 27, 2024

Vulnerability in the PeopleSoft Enterprise HCM Human Resources product of Oracle PeopleSoft ... Moderate Unreviewed

CVE-2024-21154 was published Jul 17, 2024

In VeridiumID before 3.5.0, the identity provider page is susceptible to a cross-site scripting ... Moderate Unreviewed

CVE-2023-44040 was published Apr 3, 2024

Cross-site scripting vulnerability exists in Mini Thread Version 3.33βi. An arbitrary script may... Moderate Unreviewed

CVE-2024-28034 was published Mar 26, 2024

Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E... Moderate Unreviewed

CVE-2024-21046 was published Apr 17, 2024

The Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel,... Moderate Unreviewed

CVE-2024-9657 was published Nov 5, 2024

The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2024-9878 was published Nov 5, 2024

The Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel,... Moderate Unreviewed

CVE-2024-9867 was published Nov 5, 2024

The XT Floating Cart for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2024-9178 was published Nov 5, 2024

The Basticom Framework plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG... Moderate Unreviewed

CVE-2024-9443 was published Nov 5, 2024

The Seriously Simple Podcasting plugin for WordPress is vulnerable to Reflected Cross-Site... Moderate Unreviewed

CVE-2024-9667 was published Nov 5, 2024

The Shortcodes Blocks Creator Ultimate plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2024-10340 was published Nov 5, 2024

Cross-site scripting vulnerability exists in MF Teacher Performance Management System version 6.... Moderate Unreviewed

CVE-2024-41930 was published Sep 27, 2024

Cross Site Scripting vulnerability in FiberHome HG6544C RP2743 allows an attacker to execute... Moderate Unreviewed

CVE-2024-51432 was published Nov 1, 2024

Cross Site Scripting vulnerability in Camtrace v.9.16.2.1 allows a remote attacker to execute... Moderate Unreviewed

CVE-2024-48410 was published Nov 1, 2024

Inadequate content filtering leads to XSS vulnerabilities in various components. Moderate Unreviewed

CVE-2024-21726 was published Feb 29, 2024

Cross Site Scripting vulnerability in Chamilo LMS v.1.11.26 allows a remote attacker to escalate... Moderate Unreviewed

CVE-2024-27525 was published Nov 1, 2024

Mirotalk before commit 9de226 was discovered to contain a DOM-based cross-site scripting (XSS)... Moderate Unreviewed

CVE-2024-44731 was published Oct 11, 2024

Cross Site Scripting vulnerability in addcategory.php in projectworld's Travel Management System... Moderate Unreviewed

CVE-2024-51328 was published Nov 4, 2024

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

23,213 advisories