GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
192 advisories
Filter by severity
The Simple Shortcode for Google Maps plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate
Unreviewed
CVE-2024-10621
was published
Nov 8, 2024
A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure...
Moderate
Unreviewed
CVE-2024-20504
was published
Nov 6, 2024
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in...
Moderate
Unreviewed
CVE-2024-9147
was published
Nov 4, 2024
The SEUR Oficial plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ...
Moderate
Unreviewed
CVE-2024-9438
was published
Oct 29, 2024
A vulnerability in the VPN web client services feature of Cisco Adaptive Security Appliance (ASA)...
Moderate
Unreviewed
CVE-2024-20382
was published
Oct 23, 2024
A vulnerability in the VPN web client services feature of Cisco Adaptive Security Appliance (ASA)...
Moderate
Unreviewed
CVE-2024-20341
was published
Oct 23, 2024
Umbraco CMS vulnerable to stored Cross-site Scripting in the "dictionary name" on Dictionary section
Moderate
CVE-2024-47819
was published
for
@umbraco-cms/backoffice
(npm)
Oct 22, 2024
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in...
High
Unreviewed
CVE-2024-44061
was published
Oct 20, 2024
A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone...
Moderate
Unreviewed
CVE-2024-20460
was published
Oct 16, 2024
A stored cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IQ...
Moderate
Unreviewed
CVE-2024-47139
was published
Oct 16, 2024
Minecraft MOTD Parser's HtmlGenerator vulnerable to XSS
Moderate
CVE-2024-47765
was published
for
dev-lancer/minecraft-motd-parser
(Composer)
Oct 4, 2024
There is an HTML injection vulnerability in Esri Portal for ArcGIS versions 11.0 and below that...
Moderate
Unreviewed
CVE-2024-38039
was published
Oct 4, 2024
The Broken Link Checker plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due...
High
Unreviewed
CVE-2024-8981
was published
Oct 1, 2024
starcitizentools/citizen-skin vulnerable to stored, self-XSS in the "real name" field
Moderate
CVE-2024-47536
was published
for
starcitizentools/citizen-skin
(Composer)
Sep 30, 2024
The Store Hours for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site...
Moderate
Unreviewed
CVE-2024-8872
was published
Sep 26, 2024
The MC4WP: Mailchimp for WordPress plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate
Unreviewed
CVE-2024-8680
was published
Sep 21, 2024
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in TE...
High
Unreviewed
CVE-2024-2010
was published
Sep 12, 2024
Craft CMS vulnerable to stored XSS in breadcrumb list and title fields
Moderate
CVE-2024-45406
was published
for
craftcms/cms
(Composer)
Sep 9, 2024
XSS in the view page with the SLA column configured in Checkmk versions prior to 2.3.0p14, 2.2...
Moderate
Unreviewed
CVE-2024-38859
was published
Aug 26, 2024
A vulnerability, which was classified as problematic, has been found in ClassCMS 4.8. Affected by...
Moderate
Unreviewed
CVE-2024-8145
was published
Aug 25, 2024
The Responsive video plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
Moderate
Unreviewed
CVE-2024-7629
was published
Aug 21, 2024
Priority - CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
Moderate
Unreviewed
CVE-2024-41697
was published
Aug 20, 2024
XWiki Platform vulnerable to Cross-Site Scripting (XSS) through conflict resolution
Critical
CVE-2024-41947
was published
for
org.xwiki.platform:xwiki-platform-web-templates
(Maven)
Jul 31, 2024
Mashov - CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
Moderate
Unreviewed
CVE-2024-41693
was published
Jul 30, 2024
Sentry vulnerable to stored Cross-Site Scripting (XSS)
High
CVE-2024-41656
was published
for
sentry
(pip)
Jul 23, 2024
ProTip!
Advisories are also available from the
GraphQL API