GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
30,234 advisories
Filter by severity
The PowerPack Lite for Beaver Builder plugin for WordPress is vulnerable to Reflected Cross-Site...
Moderate
Unreviewed
CVE-2024-12239
was published
Dec 17, 2024
The TPG Get Posts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
Moderate
Unreviewed
CVE-2024-11906
was published
Dec 17, 2024
The Slope Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
Moderate
Unreviewed
CVE-2024-11902
was published
Dec 17, 2024
The Animated Counters plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
Moderate
Unreviewed
CVE-2024-11905
was published
Dec 17, 2024
Intrexx Portal Server before 12.0.2 allows XSS via a user-defined portlet.
Moderate
Unreviewed
CVE-2024-55554
was published
Dec 17, 2024
A Stored Cross-Site Scripting (XSS) vulnerability exists in authenticated SVG file upload and...
Moderate
Unreviewed
CVE-2024-55451
was published
Dec 17, 2024
The CRM Perks – WordPress HelpDesk Integration – Zendesk, Freshdesk, HelpScout plugin for...
Moderate
Unreviewed
CVE-2024-12443
was published
Dec 17, 2024
The Portfolio – Filterable Masonry Portfolio Gallery for Professionals plugin for WordPress is...
Moderate
Unreviewed
CVE-2024-11900
was published
Dec 17, 2024
A cross-site scripting (XSS) vulnerability in Sunbird DCIM dcTrack v9.1.2 allows attackers to...
Moderate
Unreviewed
CVE-2024-37776
was published
Dec 17, 2024
A stored cross-site scripting (XSS) vulnerability in the component /admin/profile.php of Online...
Moderate
Unreviewed
CVE-2024-55100
was published
Dec 16, 2024
A vulnerability, which was classified as problematic, has been found in ruifang-tech Rebuild 3.8...
Moderate
Unreviewed
CVE-2024-12664
was published
Dec 16, 2024
A vulnerability, which was classified as problematic, was found in ruifang-tech Rebuild 3.8.5....
Moderate
Unreviewed
CVE-2024-12665
was published
Dec 16, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-54348
was published
Dec 16, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
High
Unreviewed
CVE-2024-54257
was published
Dec 16, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
High
Unreviewed
CVE-2024-54249
was published
Dec 16, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-56011
was published
Dec 16, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-54442
was published
Dec 16, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
High
Unreviewed
CVE-2024-54437
was published
Dec 16, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-54443
was published
Dec 16, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-54441
was published
Dec 16, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
High
Unreviewed
CVE-2024-54390
was published
Dec 16, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
High
Unreviewed
CVE-2024-54395
was published
Dec 16, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
High
Unreviewed
CVE-2024-54403
was published
Dec 16, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
High
Unreviewed
CVE-2024-54406
was published
Dec 16, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
High
Unreviewed
CVE-2024-54424
was published
Dec 16, 2024
ProTip!
Advisories are also available from the
GraphQL API