GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
24,609 advisories
Filter by severity
A vulnerability was found in y_project RuoYi up to 4.7.9. It has been declared as problematic....
Moderate
Unreviewed
CVE-2024-9048
was published
Sep 21, 2024
A stored cross-site scripting (XSS) vulnerability in the Add Scheduled Task module of Maccms10...
Moderate
Unreviewed
CVE-2024-46654
was published
Sep 20, 2024
Cross Site Scripting vulnerability in Leotheme Leo Product Search Module v.2.1.6 and earlier...
Moderate
Unreviewed
CVE-2024-42697
was published
Sep 20, 2024
A vulnerability has been found in SourceCodester Best House Rental Management System 1.0 and...
Moderate
Unreviewed
CVE-2024-9033
was published
Sep 20, 2024
A vulnerability classified as problematic was found in CodeCanyon CRMGo SaaS 7.2. This...
Moderate
Unreviewed
CVE-2024-9030
was published
Sep 20, 2024
A vulnerability, which was classified as problematic, has been found in CodeCanyon CRMGo SaaS up...
Moderate
Unreviewed
CVE-2024-9031
was published
Sep 20, 2024
An authenticated attacker with administrative access to the appliance can inject malicious...
Moderate
Unreviewed
CVE-2023-22843
was published
Aug 9, 2023
A vulnerability classified as problematic has been found in jeanmarc77 123solar 1.8.4.5. This...
Moderate
Unreviewed
CVE-2024-9007
was published
Sep 20, 2024
Microsoft Edge (Chromium-based) Spoofing Vulnerability
Moderate
Unreviewed
CVE-2024-38221
was published
Sep 19, 2024
Improper input validation in the Zoom for Windows, Zoom Rooms, Zoom VDI Windows Meeting ...
High
Unreviewed
CVE-2023-34121
was published
Jun 13, 2023
Apache Allura's neighborhood settings are vulnerable to a stored XSS attack. Only neighborhood...
Moderate
Unreviewed
CVE-2024-38379
was published
Jun 22, 2024
A vulnerability, which was classified as problematic, was found in playSMS 1.4.3. Affected is an...
Low
Unreviewed
CVE-2024-6251
was published
Jun 22, 2024
A vulnerability has been found in Zorlan SkyCaiji up to 2.8 and classified as problematic....
Low
Unreviewed
CVE-2024-6252
was published
Jun 22, 2024
An issue was discovered in za-internet C-MOR Video Surveillance 5.2401. Due to improper input...
Moderate
Unreviewed
CVE-2024-45176
was published
Sep 5, 2024
A stored Cross-site Scripting (XSS) vulnerability affecting 3DSwym in 3DSwymer from Release...
High
Unreviewed
CVE-2024-7737
was published
Sep 19, 2024
A vulnerability in NetCat CMS allows an attacker to execute JavaScript code in a user's browser...
Moderate
Unreviewed
CVE-2024-8653
was published
Sep 19, 2024
A reflected Cross-site Scripting (XSS) vulnerability affecting ENOVIA Collaborative Industry...
High
Unreviewed
CVE-2024-7736
was published
Sep 19, 2024
A vulnerability in NetCat CMS allows an attacker to execute JavaScript code in a user's browser...
Moderate
Unreviewed
CVE-2024-8652
was published
Sep 19, 2024
Improper Neutralization of Input During Web Page Generation vulnerability in "Update of Personal...
High
Unreviewed
CVE-2024-7269
was published
Aug 28, 2024
Zoom clients prior to 5.13.10 contain an HTML injection vulnerability. A malicious user could...
Moderate
Unreviewed
CVE-2023-28599
was published
Jun 13, 2023
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Critical
Unreviewed
CVE-2024-7785
was published
Sep 19, 2024
Zoom for Linux clients prior to 5.13.10 contain an HTML injection vulnerability. If a victim...
Moderate
Unreviewed
CVE-2023-28598
was published
Jun 13, 2023
A vulnerability was found in gnuboard5. It has been classified as problematic. Affected is an...
Moderate
Unreviewed
CVE-2022-3963
was published
Nov 13, 2022
Cross Site Scripting (XSS) vulnerability in gnuboard5 <=v5.3.2.8 via the url parameter to bbs...
Moderate
Unreviewed
CVE-2020-18661
was published
May 24, 2022
GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to inject arbitrary web script or HTML via...
Moderate
Unreviewed
CVE-2018-18674
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API