Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,096
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,654
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+

1,225 advisories

Loading
Decidim has a cross-site scripting vulnerability in the version control page High
CVE-2024-41673 was published for decidim (RubyGems) Oct 1, 2024
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in TE... High Unreviewed
CVE-2024-2010 was published Sep 12, 2024
LibreNMS has Stored Cross-site Scripting vulnerability in "Device Group" Name High
CVE-2024-47524 was published for librenms/librenms (Composer) Oct 1, 2024
minhnq1618
Special Element Injection in notebook High
CVE-2021-32798 was published for notebook (pip) Aug 23, 2021
0xDeva
modoboa Cross-site Scripting vulnerability High
CVE-2023-5689 was published for modoboa (pip) Oct 20, 2023
The 123.chat - Video Chat plugin for WordPress is vulnerable to Stored Cross-Site Scripting in... High Unreviewed
CVE-2024-7869 was published Oct 1, 2024
A stored cross site scripting vulnerability exists in Nessus Network Monitor where an... High Unreviewed
CVE-2024-9158 was published Sep 30, 2024
Mautic vulnerable to stored cross-site scripting in description field High
CVE-2021-27915 was published for mautic/core (Composer) Apr 11, 2024
Cross Site Scripting vulnerability in openPetra v.2023.02 allows a remote attacker to obtain... High Unreviewed
CVE-2024-40508 was published Sep 27, 2024
Cross Site Scripting vulnerability in openPetra v.2023.02 allows a remote attacker to obtain... High Unreviewed
CVE-2024-40506 was published Sep 27, 2024
Cross Site Scripting vulnerability in openPetra v.2023.02 allows a remote attacker to obtain... High Unreviewed
CVE-2024-40507 was published Sep 27, 2024
Improper input validation in Zoom Desktop Client for Linux before version 5.15.10 may allow an... High Unreviewed
CVE-2023-39208 was published Sep 12, 2023
Cross Site Scripting vulnerability in openPetra v.2023.02 allows a remote attacker to obtain... High Unreviewed
CVE-2024-40509 was published Sep 27, 2024
Advantech ADAM 5550's web application includes a "logs" page where all the HTTP requests... High Unreviewed
CVE-2024-38308 was published Sep 27, 2024
Cross Site Scripting vulnerability in openPetra v.2023.02 allows a remote attacker to obtain... High Unreviewed
CVE-2024-40511 was published Sep 27, 2024
Cross Site Scripting vulnerability in openPetra v.2023.02 allows a remote attacker to obtain... High Unreviewed
CVE-2024-40512 was published Sep 27, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed
CVE-2024-8608 was published Sep 27, 2024
The The Events Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... High Unreviewed
CVE-2024-6931 was published Sep 27, 2024
DOM Clobbering Gadget found in rollup bundled scripts that leads to XSS High
CVE-2024-47068 was published for rollup (npm) Sep 23, 2024
jackfromeast ishmeals
The WordPress Visitors plugin for WordPress is vulnerable to Stored Cross-Site Scripting via a... High Unreviewed
CVE-2022-4541 was published Sep 26, 2024
Vulnerability in Clibo Manager v1.1.9.1 that could allow an attacker to execute an stored Cross... High Unreviewed
CVE-2024-9198 was published Sep 26, 2024
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component... High Unreviewed
CVE-2024-36670 was published Jun 5, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed
CVE-2024-43959 was published Sep 25, 2024
The Contact Form to Any API plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... High Unreviewed
CVE-2024-7617 was published Sep 25, 2024
The Thanh Toán Quét Mã QR Code Tự Động – MoMo, ViettelPay, VNPay và 40 ngân hàng Việt Nam plugin... High Unreviewed
CVE-2024-8914 was published Sep 25, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database