GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,096
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,654
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+
1,225 advisories
Filter by severity
Decidim has a cross-site scripting vulnerability in the version control page
High
CVE-2024-41673
was published
for
decidim
(RubyGems)
Oct 1, 2024
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in TE...
High
Unreviewed
CVE-2024-2010
was published
Sep 12, 2024
LibreNMS has Stored Cross-site Scripting vulnerability in "Device Group" Name
High
CVE-2024-47524
was published
for
librenms/librenms
(Composer)
Oct 1, 2024
Special Element Injection in notebook
High
CVE-2021-32798
was published
for
notebook
(pip)
Aug 23, 2021
modoboa Cross-site Scripting vulnerability
High
CVE-2023-5689
was published
for
modoboa
(pip)
Oct 20, 2023
The 123.chat - Video Chat plugin for WordPress is vulnerable to Stored Cross-Site Scripting in...
High
Unreviewed
CVE-2024-7869
was published
Oct 1, 2024
A stored cross site scripting vulnerability exists in Nessus Network Monitor where an...
High
Unreviewed
CVE-2024-9158
was published
Sep 30, 2024
Mautic vulnerable to stored cross-site scripting in description field
High
CVE-2021-27915
was published
for
mautic/core
(Composer)
Apr 11, 2024
Cross Site Scripting vulnerability in openPetra v.2023.02 allows a remote attacker to obtain...
High
Unreviewed
CVE-2024-40508
was published
Sep 27, 2024
Cross Site Scripting vulnerability in openPetra v.2023.02 allows a remote attacker to obtain...
High
Unreviewed
CVE-2024-40506
was published
Sep 27, 2024
Cross Site Scripting vulnerability in openPetra v.2023.02 allows a remote attacker to obtain...
High
Unreviewed
CVE-2024-40507
was published
Sep 27, 2024
Improper input validation in Zoom Desktop Client for Linux before version 5.15.10 may allow an...
High
Unreviewed
CVE-2023-39208
was published
Sep 12, 2023
Cross Site Scripting vulnerability in openPetra v.2023.02 allows a remote attacker to obtain...
High
Unreviewed
CVE-2024-40509
was published
Sep 27, 2024
Advantech ADAM 5550's web application includes a "logs" page where all
the HTTP requests...
High
Unreviewed
CVE-2024-38308
was published
Sep 27, 2024
Cross Site Scripting vulnerability in openPetra v.2023.02 allows a remote attacker to obtain...
High
Unreviewed
CVE-2024-40511
was published
Sep 27, 2024
Cross Site Scripting vulnerability in openPetra v.2023.02 allows a remote attacker to obtain...
High
Unreviewed
CVE-2024-40512
was published
Sep 27, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-8608
was published
Sep 27, 2024
The The Events Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...
High
Unreviewed
CVE-2024-6931
was published
Sep 27, 2024
DOM Clobbering Gadget found in rollup bundled scripts that leads to XSS
High
CVE-2024-47068
was published
for
rollup
(npm)
Sep 23, 2024
The WordPress Visitors plugin for WordPress is vulnerable to Stored Cross-Site Scripting via a...
High
Unreviewed
CVE-2022-4541
was published
Sep 26, 2024
Vulnerability in Clibo Manager v1.1.9.1 that could allow an attacker to execute an stored Cross...
High
Unreviewed
CVE-2024-9198
was published
Sep 26, 2024
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...
High
Unreviewed
CVE-2024-36670
was published
Jun 5, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-43959
was published
Sep 25, 2024
The Contact Form to Any API plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...
High
Unreviewed
CVE-2024-7617
was published
Sep 25, 2024
The Thanh Toán Quét Mã QR Code Tự Động – MoMo, ViettelPay, VNPay và 40 ngân hàng Việt Nam plugin...
High
Unreviewed
CVE-2024-8914
was published
Sep 25, 2024
ProTip!
Advisories are also available from the
GraphQL API