GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
29
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,681
NuGet
650
pip
3,298
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
25,208 advisories
Filter by severity
Multiple Stored Cross-Site Scripting vulnerabilities were discovered in Y Soft SAFEQ 6 Build 53....
Moderate
Unreviewed
CVE-2022-23861
was published
Oct 22, 2024
A cross-site scripting (XSS) vulnerability in pfsense v2.5.2 allows attackers to execute...
Critical
Unreviewed
CVE-2024-46538
was published
Oct 22, 2024
Collabtive 3.1 is vulnerable to Cross-site scripting (XSS) via the name parameter under action...
Moderate
Unreviewed
CVE-2024-46240
was published
Oct 22, 2024
Collabtive 3.1 is vulnerable to Cross-Site Scripting (XSS) via the name parameter in (a) file...
Moderate
Unreviewed
CVE-2024-48708
was published
Oct 22, 2024
Collabtive 3.1 is vulnerable to Cross-site scripting (XSS) via the name parameter under (a)...
Moderate
Unreviewed
CVE-2024-48707
was published
Oct 22, 2024
A vulnerability was found in Wildfly, where a user may perform Cross-site scripting in the...
Moderate
Unreviewed
CVE-2024-10234
was published
Oct 22, 2024
There is an XSS vulnerability in some HikCentral Master Lite versions. If exploited, an attacker...
Low
Unreviewed
CVE-2024-47486
was published
Oct 18, 2024
The Anchor Episodes Index (Spotify for Podcasters) plugin for WordPress is vulnerable to Stored...
Moderate
Unreviewed
CVE-2024-10189
was published
Oct 22, 2024
The WP-Members Membership Plugin plugin for WordPress is vulnerable to Reflected Cross-Site...
Moderate
Unreviewed
CVE-2024-9231
was published
Oct 22, 2024
The Category and Taxonomy Meta Fields plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate
Unreviewed
CVE-2024-9590
was published
Oct 22, 2024
The Category and Taxonomy Image plugin for WordPress is vulnerable to Stored Cross-Site Scripting...
Moderate
Unreviewed
CVE-2024-9591
was published
Oct 22, 2024
The Category and Taxonomy Meta Fields plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate
Unreviewed
CVE-2024-9589
was published
Oct 22, 2024
Multiple Cross Site Scripting (XSS) vulnerabilities exist in PHPGurukul Hospital Management...
Moderate
Unreviewed
CVE-2024-46238
was published
Oct 21, 2024
Multiple cross-site scripting vulnerabilities exist in PHPGurukul Hospital Management System 4.0...
Moderate
Unreviewed
CVE-2024-46239
was published
Oct 21, 2024
PHPGurukul Hospital Management System 4.0 is vulnerable to Cross Site Scripting (XSS) via the...
Moderate
Unreviewed
CVE-2024-46237
was published
Oct 9, 2024
CodeAstro Membership Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via the...
Moderate
Unreviewed
CVE-2024-48709
was published
Oct 21, 2024
CodeAstro Membership Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via the...
Moderate
Unreviewed
CVE-2024-46236
was published
Oct 21, 2024
A stored cross-site scripting (XSS) vulnerability in HikaShop Joomla Component < 5.1.1 allows...
Unknown
Unreviewed
CVE-2024-40746
was published
Oct 21, 2024
Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allow user-assisted remote attackers...
Moderate
Unreviewed
CVE-2016-5265
was published
May 13, 2022
A vulnerability was found in code-projects Pharmacy Management System 1.0. It has been declared...
Moderate
Unreviewed
CVE-2024-10198
was published
Oct 21, 2024
A vulnerability was found in code-projects Pharmacy Management System 1.0. It has been classified...
Moderate
Unreviewed
CVE-2024-10197
was published
Oct 21, 2024
A vulnerability was found in code-projects Pharmacy Management System 1.0. It has been rated as...
Moderate
Unreviewed
CVE-2024-10199
was published
Oct 21, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-48049
was published
Oct 20, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-49606
was published
Oct 20, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-49631
was published
Oct 20, 2024
ProTip!
Advisories are also available from the
GraphQL API