Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,096
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,654
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+

28,040 advisories

Loading
Cross Site Scripting vulnerability in openPetra v.2023.02 allows a remote attacker to obtain... High Unreviewed
CVE-2024-40508 was published Sep 27, 2024
Cross Site Scripting vulnerability in openPetra v.2023.02 allows a remote attacker to obtain... High Unreviewed
CVE-2024-40506 was published Sep 27, 2024
Cross Site Scripting vulnerability in openPetra v.2023.02 allows a remote attacker to obtain... High Unreviewed
CVE-2024-40507 was published Sep 27, 2024
A stored Cross-Site Scripting (XSS) vulnerability was identified in Projectworld Online Voting... Moderate Unreviewed
CVE-2024-45986 was published Sep 26, 2024
A Cross Site Scripting (XSS) vulnerability in add_donor.php of Blood Bank And Donation Management... Moderate Unreviewed
CVE-2024-45984 was published Sep 26, 2024
A Cross Site Scripting (XSS) vulnerability in update_contact.php of Blood Bank and Donation... Moderate Unreviewed
CVE-2024-45985 was published Sep 26, 2024
Layui has DOM Clobbering gadgets that leads to Cross-site Scripting Moderate
CVE-2024-47075 was published for layui (npm) Sep 26, 2024
jackfromeast ishmeals
The Themedy Toolbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed
CVE-2024-9177 was published Sep 26, 2024
The Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder plugin for WordPress... Moderate Unreviewed
CVE-2024-8633 was published Sep 26, 2024
The Super Testimonials plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed
CVE-2024-9127 was published Sep 26, 2024
The Mapplic Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File... Moderate Unreviewed
CVE-2024-9117 was published Sep 26, 2024
The GF Custom Style plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG... Moderate Unreviewed
CVE-2024-9173 was published Sep 26, 2024
The WordPress Visitors plugin for WordPress is vulnerable to Stored Cross-Site Scripting via a... High Unreviewed
CVE-2022-4541 was published Sep 26, 2024
The king_IE plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File... Moderate Unreviewed
CVE-2024-9125 was published Sep 26, 2024
The Common Tools for Site plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed
CVE-2024-9115 was published Sep 26, 2024
Vulnerability in Clibo Manager v1.1.9.1 that could allow an attacker to execute an stored Cross... High Unreviewed
CVE-2024-9198 was published Sep 26, 2024
The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-8861 was published Sep 26, 2024
The Store Hours for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site... Moderate Unreviewed
CVE-2024-8872 was published Sep 26, 2024
The Contact Form 7 Math Captcha WordPress plugin through 2.0.1 does not sanitise and escape a... Moderate Unreviewed
CVE-2024-6517 was published Sep 26, 2024
Cross-site scripting vulnerability exists in the web management page of PLANEX COMMUNICATIONS... Moderate Unreviewed
CVE-2024-45836 was published Sep 26, 2024
The Bulk NoIndex & NoFollow Toolkit plugin for WordPress is vulnerable to Reflected Cross-Site... Moderate Unreviewed
CVE-2024-8803 was published Sep 26, 2024
The 012 Ps Multi Languages plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed
CVE-2024-8723 was published Sep 26, 2024
Camaleon CMS vulnerable to stored XSS through user file upload (GHSL-2024-184) Moderate
GHSA-75j2-9gmc-m855 was published for camaleon_cms (RubyGems) Sep 25, 2024
Cross Site Scripting vulnerability in ZKTeco WDMS v.5.1.3 Pro allows a remote attacker to execute... Moderate Unreviewed
CVE-2023-51157 was published Sep 25, 2024
A reflected cross-site scripting (XSS) vulnerability in Ellevo 6.2.0.38160 allows attackers to... Moderate Unreviewed
CVE-2024-46655 was published Sep 25, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database