GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,562
Composer 4,198
Erlang 31
GitHub Actions 19
Go 1,986
Maven 5,163
npm 3,702
NuGet 660
pip 3,328
Pub 11
RubyGems 883
Rust 843
Swift 36

Unreviewed advisories

All unreviewed 233,914

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

122 advisories

Filter by severity

Sort by

Least recently updated

The WP-Strava plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin... Moderate Unreviewed

CVE-2024-10038 was published Nov 13, 2024

The Simple Shortcode for Google Maps plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2024-10621 was published Nov 8, 2024

A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure... Moderate Unreviewed

CVE-2024-20504 was published Nov 6, 2024

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in... Moderate Unreviewed

CVE-2024-9147 was published Nov 4, 2024

The SEUR Oficial plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2024-9438 was published Oct 29, 2024

A vulnerability in the VPN web client services feature of Cisco Adaptive Security Appliance (ASA)... Moderate Unreviewed

CVE-2024-20382 was published Oct 23, 2024

A vulnerability in the VPN web client services feature of Cisco Adaptive Security Appliance (ASA)... Moderate Unreviewed

CVE-2024-20341 was published Oct 23, 2024

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in... High Unreviewed

CVE-2024-44061 was published Oct 20, 2024

A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone... Moderate Unreviewed

CVE-2024-20460 was published Oct 16, 2024

A stored cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IQ... Moderate Unreviewed

CVE-2024-47139 was published Oct 16, 2024

There is an HTML injection vulnerability in Esri Portal for ArcGIS versions 11.0 and below that... Moderate Unreviewed

CVE-2024-38039 was published Oct 4, 2024

The Broken Link Checker plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due... High Unreviewed

CVE-2024-8981 was published Oct 1, 2024

The Store Hours for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site... Moderate Unreviewed

CVE-2024-8872 was published Sep 26, 2024

The MC4WP: Mailchimp for WordPress plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2024-8680 was published Sep 21, 2024

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in TE... High Unreviewed

CVE-2024-2010 was published Sep 12, 2024

XSS in the view page with the SLA column configured in Checkmk versions prior to 2.3.0p14, 2.2... Moderate Unreviewed

CVE-2024-38859 was published Aug 26, 2024

A vulnerability, which was classified as problematic, has been found in ClassCMS 4.8. Affected by... Moderate Unreviewed

CVE-2024-8145 was published Aug 25, 2024

The Responsive video plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2024-7629 was published Aug 21, 2024

Priority - CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) Moderate Unreviewed

CVE-2024-41697 was published Aug 20, 2024

Mashov - CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) Moderate Unreviewed

CVE-2024-41693 was published Jul 30, 2024

An reflected XSS vulnerability exists in the handling of invalid paths in the Flask server in... High Unreviewed

CVE-2024-32484 was published Jul 22, 2024

Cross Site Scripting vulnerability in Eskooly Web Product v.3.0 and before allows a remote... Moderate Unreviewed

CVE-2024-27716 was published Jul 5, 2024

Stored XSS in Checkmk before versions 2.3.0p8, 2.2.0p29, 2.1.0p45, and 2.0.0 (EOL) allows users... Moderate Unreviewed

CVE-2024-6052 was published Jul 3, 2024

Stored XSS in the Crash Report page in Checkmk before versions 2.3.0p7, 2.2.0p28, 2.1.0p45, and 2... Moderate Unreviewed

CVE-2024-28832 was published Jun 25, 2024

Stored XSS in some confirmation pop-ups in Checkmk before versions 2.3.0p7 and 2.2.0p28 allows... Moderate Unreviewed

CVE-2024-28831 was published Jun 25, 2024

Previous 1 2 3 4 5 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

122 advisories