Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
29
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,681
NuGet
650
pip
3,298
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+

28,483 advisories

Loading
A vulnerability was found in Wildfly, where a user may perform Cross-site scripting in the... Moderate Unreviewed
CVE-2024-10234 was published Oct 22, 2024
Collabtive 3.1 is vulnerable to Cross-Site Scripting (XSS) via the name parameter in (a) file... Moderate Unreviewed
CVE-2024-48708 was published Oct 22, 2024
Collabtive 3.1 is vulnerable to Cross-site scripting (XSS) via the name parameter under (a)... Moderate Unreviewed
CVE-2024-48707 was published Oct 22, 2024
Multiple Stored Cross-Site Scripting vulnerabilities were discovered in Y Soft SAFEQ 6 Build 53.... Moderate Unreviewed
CVE-2022-23861 was published Oct 22, 2024
A cross-site scripting (XSS) vulnerability in pfsense v2.5.2 allows attackers to execute... Critical Unreviewed
CVE-2024-46538 was published Oct 22, 2024
Collabtive 3.1 is vulnerable to Cross-site scripting (XSS) via the name parameter under action... Moderate Unreviewed
CVE-2024-46240 was published Oct 22, 2024
Umbraco CMS vulnerable to stored Cross-site Scripting in the "dictionary name" on Dictionary section Moderate
CVE-2024-47819 was published for @umbraco-cms/backoffice (npm) Oct 22, 2024
DuongPhamm
The WP-Members Membership Plugin plugin for WordPress is vulnerable to Reflected Cross-Site... Moderate Unreviewed
CVE-2024-9231 was published Oct 22, 2024
The Anchor Episodes Index (Spotify for Podcasters) plugin for WordPress is vulnerable to Stored... Moderate Unreviewed
CVE-2024-10189 was published Oct 22, 2024
The Category and Taxonomy Meta Fields plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2024-9590 was published Oct 22, 2024
The Category and Taxonomy Image plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed
CVE-2024-9591 was published Oct 22, 2024
The Category and Taxonomy Meta Fields plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2024-9589 was published Oct 22, 2024
Multiple Cross Site Scripting (XSS) vulnerabilities exist in PHPGurukul Hospital Management... Moderate Unreviewed
CVE-2024-46238 was published Oct 21, 2024
Multiple cross-site scripting vulnerabilities exist in PHPGurukul Hospital Management System 4.0... Moderate Unreviewed
CVE-2024-46239 was published Oct 21, 2024
CodeAstro Membership Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via the... Moderate Unreviewed
CVE-2024-48709 was published Oct 21, 2024
CodeAstro Membership Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via the... Moderate Unreviewed
CVE-2024-46236 was published Oct 21, 2024
A stored cross-site scripting (XSS) vulnerability in HikaShop Joomla Component < 5.1.1 allows... Unknown Unreviewed
CVE-2024-40746 was published Oct 21, 2024
A vulnerability was found in code-projects Pharmacy Management System 1.0. It has been classified... Moderate Unreviewed
CVE-2024-10197 was published Oct 21, 2024
A vulnerability was found in code-projects Pharmacy Management System 1.0. It has been declared... Moderate Unreviewed
CVE-2024-10198 was published Oct 21, 2024
A vulnerability was found in code-projects Pharmacy Management System 1.0. It has been rated as... Moderate Unreviewed
CVE-2024-10199 was published Oct 21, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed
CVE-2024-49334 was published Oct 20, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-48049 was published Oct 20, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed
CVE-2024-49323 was published Oct 20, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed
CVE-2024-49606 was published Oct 20, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-49631 was published Oct 20, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database