Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,835
Erlang
36
GitHub Actions
33
Go
2,452
Maven
5,000+
npm
4,077
NuGet
723
pip
3,868
Pub
12
RubyGems
943
Rust
1,010
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

32,705 advisories

Loading
Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site... Moderate Unreviewed
CVE-2024-20799 was published Apr 2, 2024
The Colibri Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed
CVE-2024-2839 was published Apr 2, 2024
The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to Stored Cross... Moderate Unreviewed
CVE-2024-2925 was published Apr 2, 2024
The My Calendar WordPress plugin before 3.4.24 does not sanitise and escape some parameters,... Moderate Unreviewed
CVE-2024-1274 was published Apr 2, 2024
The Page Builder Gutenberg Blocks WordPress plugin before 3.1.7 does not validate and escape... Moderate Unreviewed
CVE-2024-2369 was published Apr 2, 2024
A vulnerability, which was classified as problematic, was found in SourceCodester Computer... Moderate Unreviewed
CVE-2024-3140 was published Apr 2, 2024
A vulnerability has been found in Clavister E10 and E80 up to 20240323 and classified as... Low Unreviewed
CVE-2024-3141 was published Apr 2, 2024
A vulnerability classified as problematic was found in Zebra ZTC GK420d 1.0. This vulnerability... Low Unreviewed
CVE-2024-3125 was published Apr 1, 2024
A vulnerability was found in sequentech admin-console up to 6.1.7 and classified as problematic.... Moderate Unreviewed
CVE-2022-4966 was published Apr 1, 2024
WebMail in Axigen 10.x before 10.3.3.62 allows XSS via the image attachment viewer. Moderate Unreviewed
CVE-2024-25080 was published Apr 1, 2024
Themify WordPress plugin before 1.4.4 does not sanitise and escape a parameter before outputting... Moderate Unreviewed
CVE-2024-2263 was published Apr 1, 2024
Themify WordPress plugin before 1.4.4 does not sanitise and escape some of its Filters settings,... Moderate Unreviewed
CVE-2024-2278 was published Apr 1, 2024
'Yahoo! JAPAN' App for Android v2.3.1 to v3.161.1 and 'Yahoo! JAPAN' App for iOS v3.2.2 to v4.109... Moderate Unreviewed
CVE-2024-28895 was published Apr 1, 2024
A vulnerability has been found in wp-file-upload Plugin up to 2.4.3 on WordPress and classified... Moderate Unreviewed
CVE-2014-125110 was published Apr 1, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2024-31103 was published Mar 31, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-31104 was published Mar 31, 2024
Contributor Cross Site Scripting (XSS) in HeartThis <= 0.1.0 versions. Moderate Unreviewed
CVE-2024-31121 was published Mar 31, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-31122 was published Mar 31, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2024-31123 was published Mar 31, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-30524 was published Mar 31, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-30530 was published Mar 31, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-30548 was published Mar 31, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2024-30550 was published Mar 31, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-30549 was published Mar 31, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-30552 was published Mar 31, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database