GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,096
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,654
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+
1,225 advisories
Filter by severity
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-43241
was published
Aug 19, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-43246
was published
Aug 19, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-43279
was published
Aug 19, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-43304
was published
Aug 18, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-43303
was published
Aug 18, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-43330
was published
Aug 18, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-43306
was published
Aug 18, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-43348
was published
Aug 18, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-43313
was published
Aug 18, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-43238
was published
Aug 18, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-43276
was published
Aug 18, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-43327
was published
Aug 18, 2024
The WordPress File Upload plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...
High
Unreviewed
CVE-2024-7301
was published
Aug 16, 2024
Cross Site Scripting vulnerability in Friendica v.2023.12 allows a remote attacker to obtain...
High
Unreviewed
CVE-2024-27729
was published
Aug 15, 2024
gettext.js has a Cross-site Scripting injection
High
CVE-2024-43370
was published
for
gettext.js
(npm)
Aug 15, 2024
Persistent Cross-site Scripting in eZ Platform Rich Text Field Type
High
CVE-2024-43372
was published
for
ezsystems/ezplatform-richtext
(Composer)
Aug 14, 2024
Persistent Cross-site Scripting in Ibexa RichText Field Type
High
CVE-2024-43369
was published
for
ibexa/fieldtype-richtext
(Composer)
Aug 14, 2024
Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by a DOM...
High
Unreviewed
CVE-2024-39400
was published
Aug 14, 2024
Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by a...
High
Unreviewed
CVE-2024-39403
was published
Aug 14, 2024
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
High
Unreviewed
CVE-2024-38211
was published
Aug 13, 2024
An unauthenticated remote attacker may use stored XSS vulnerability to obtain information from a...
High
Unreviewed
CVE-2024-38502
was published
Aug 13, 2024
An unauthenticated remote attacker may use a reflected XSS vulnerability to obtain information...
High
Unreviewed
CVE-2024-5849
was published
Aug 13, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-43126
was published
Aug 13, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-43127
was published
Aug 13, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-43220
was published
Aug 13, 2024
ProTip!
Advisories are also available from the
GraphQL API