GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,096
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,654
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+
28,040 advisories
Filter by severity
Cross Site Scripting vulnerability in openPetra v.2023.02 allows a remote attacker to obtain...
High
Unreviewed
CVE-2024-40508
was published
Sep 27, 2024
Cross Site Scripting vulnerability in openPetra v.2023.02 allows a remote attacker to obtain...
High
Unreviewed
CVE-2024-40506
was published
Sep 27, 2024
Cross Site Scripting vulnerability in openPetra v.2023.02 allows a remote attacker to obtain...
High
Unreviewed
CVE-2024-40507
was published
Sep 27, 2024
A stored Cross-Site Scripting (XSS) vulnerability was identified in Projectworld Online Voting...
Moderate
Unreviewed
CVE-2024-45986
was published
Sep 26, 2024
A Cross Site Scripting (XSS) vulnerability in add_donor.php of Blood Bank And Donation Management...
Moderate
Unreviewed
CVE-2024-45984
was published
Sep 26, 2024
A Cross Site Scripting (XSS) vulnerability in update_contact.php of Blood Bank and Donation...
Moderate
Unreviewed
CVE-2024-45985
was published
Sep 26, 2024
Layui has DOM Clobbering gadgets that leads to Cross-site Scripting
Moderate
CVE-2024-47075
was published
for
layui
(npm)
Sep 26, 2024
The Themedy Toolbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
Moderate
Unreviewed
CVE-2024-9177
was published
Sep 26, 2024
The Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder plugin for WordPress...
Moderate
Unreviewed
CVE-2024-8633
was published
Sep 26, 2024
The Super Testimonials plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ...
Moderate
Unreviewed
CVE-2024-9127
was published
Sep 26, 2024
The Mapplic Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File...
Moderate
Unreviewed
CVE-2024-9117
was published
Sep 26, 2024
The GF Custom Style plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG...
Moderate
Unreviewed
CVE-2024-9173
was published
Sep 26, 2024
The WordPress Visitors plugin for WordPress is vulnerable to Stored Cross-Site Scripting via a...
High
Unreviewed
CVE-2022-4541
was published
Sep 26, 2024
The king_IE plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File...
Moderate
Unreviewed
CVE-2024-9125
was published
Sep 26, 2024
The Common Tools for Site plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...
Moderate
Unreviewed
CVE-2024-9115
was published
Sep 26, 2024
Vulnerability in Clibo Manager v1.1.9.1 that could allow an attacker to execute an stored Cross...
High
Unreviewed
CVE-2024-9198
was published
Sep 26, 2024
The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to...
Moderate
Unreviewed
CVE-2024-8861
was published
Sep 26, 2024
The Store Hours for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site...
Moderate
Unreviewed
CVE-2024-8872
was published
Sep 26, 2024
The Contact Form 7 Math Captcha WordPress plugin through 2.0.1 does not sanitise and escape a...
Moderate
Unreviewed
CVE-2024-6517
was published
Sep 26, 2024
Cross-site scripting vulnerability exists in the web management page of PLANEX COMMUNICATIONS...
Moderate
Unreviewed
CVE-2024-45836
was published
Sep 26, 2024
The Bulk NoIndex & NoFollow Toolkit plugin for WordPress is vulnerable to Reflected Cross-Site...
Moderate
Unreviewed
CVE-2024-8803
was published
Sep 26, 2024
The 012 Ps Multi Languages plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...
Moderate
Unreviewed
CVE-2024-8723
was published
Sep 26, 2024
Camaleon CMS vulnerable to stored XSS through user file upload (GHSL-2024-184)
Moderate
GHSA-75j2-9gmc-m855
was published
for
camaleon_cms
(RubyGems)
Sep 25, 2024
Cross Site Scripting vulnerability in ZKTeco WDMS v.5.1.3 Pro allows a remote attacker to execute...
Moderate
Unreviewed
CVE-2023-51157
was published
Sep 25, 2024
A reflected cross-site scripting (XSS) vulnerability in Ellevo 6.2.0.38160 allows attackers to...
Moderate
Unreviewed
CVE-2024-46655
was published
Sep 25, 2024
ProTip!
Advisories are also available from the
GraphQL API