Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+

26,991 advisories

Loading
The LaTeX2HTML plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'ver'... Moderate Unreviewed
CVE-2024-11688 was published Dec 21, 2024
The WP on AWS plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via $_POST... Moderate Unreviewed
CVE-2024-12408 was published Dec 21, 2024
The Elementor Website Builder – More than Just a Page Builder plugin for WordPress is vulnerable... Moderate Unreviewed
CVE-2024-10453 was published Dec 21, 2024
The Multi-column Tag Map plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed
CVE-2024-11196 was published Dec 21, 2024
The Ebook Store plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the... Moderate Unreviewed
CVE-2024-11287 was published Dec 21, 2024
The G Web Pro Store Locator plugin for WordPress is vulnerable to Reflected Cross-Site Scripting... Moderate Unreviewed
CVE-2024-11682 was published Dec 21, 2024
The Pingmeter Uptime Monitoring plugin for WordPress is vulnerable to Reflected Cross-Site... Moderate Unreviewed
CVE-2024-11808 was published Dec 21, 2024
The One Click Upsell Funnel for WooCommerce – Funnel Builder for WordPress, Create WooCommerce... Moderate Unreviewed
CVE-2024-11938 was published Dec 21, 2024
The Ebook Store plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ... Moderate Unreviewed
CVE-2024-12262 was published Dec 21, 2024
The Shortcodes and extra features for Phlox theme plugin for WordPress is vulnerable to Stored... Moderate Unreviewed
CVE-2024-12588 was published Dec 21, 2024
The real.Kit plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up... Moderate Unreviewed
CVE-2024-12697 was published Dec 21, 2024
The Shortcodes and extra features for Phlox theme plugin for WordPress is vulnerable to Stored... Moderate Unreviewed
CVE-2024-9545 was published Dec 21, 2024
A vulnerability, which was classified as problematic, has been found in Emlog Pro up to 2.4.1.... Moderate Unreviewed
CVE-2024-12846 was published Dec 21, 2024
The Feedify – Web Push Notifications plugin for WordPress is vulnerable to Reflected Cross-Site... Moderate Unreviewed
CVE-2024-11811 was published Dec 21, 2024
A vulnerability classified as problematic was found in Emlog Pro up to 2.4.1. Affected by this... Moderate Unreviewed
CVE-2024-12845 was published Dec 21, 2024
A reflected cross-site scripting vulnerability in MONITORAPP Application Insight Web Application... Moderate Unreviewed
CVE-2021-40959 was published Dec 21, 2024
Piranha CMS Cross-site Scripting vulnerability Moderate
CVE-2024-55341 was published for Piranha (NuGet) Dec 20, 2024
Piranha CMS Cross-site Scripting vulnerability Moderate
CVE-2024-55342 was published for Piranha (NuGet) Dec 20, 2024
There is a cross-site scripting vulnerability in the management console of Absolute Secure Access... Moderate Unreviewed
CVE-2024-40875 was published Dec 20, 2024
A vulnerability was found in Emlog Pro up to 2.4.1. It has been classified as problematic. This... Moderate Unreviewed
CVE-2024-12841 was published Dec 20, 2024
A vulnerability classified as problematic has been found in Emlog Pro up to 2.4.1. Affected is an... Moderate Unreviewed
CVE-2024-12844 was published Dec 20, 2024
A vulnerability was found in Emlog Pro up to 2.4.1. It has been declared as problematic. This... Moderate Unreviewed
CVE-2024-12842 was published Dec 20, 2024
A vulnerability was found in Emlog Pro up to 2.4.1. It has been rated as problematic. This issue... Moderate Unreviewed
CVE-2024-12843 was published Dec 20, 2024
In JetBrains TeamCity before 2024.12 missing Content-Type header in RemoteBuildLogController... Moderate Unreviewed
CVE-2024-56355 was published Dec 20, 2024
In JetBrains TeamCity before 2024.12 stored XSS was possible via image name on the agent details... Moderate Unreviewed
CVE-2024-56352 was published Dec 20, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database