GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,870
Erlang: 36
GitHub Actions: 36
Go: 2,493
Maven: 5,000+
npm: 4,126
NuGet: 735
pip: 3,943
Pub: 12
RubyGems: 945
Rust: 1,021
Swift: 39
Unreviewed advisories
All unreviewed: 5,000+
32,146 advisories
The Display custom fields in the frontend – Post and User Profile Fields plugin for WordPress is...
Moderate, Unreviewed. CVE-2023-6982 was published Feb 6, 2024
The (Simply) Guest Author Name plugin for WordPress is vulnerable to Stored Cross-Site Scripting...
Moderate, Unreviewed. CVE-2024-0254 was published Feb 6, 2024
The PDF Generator For Fluent Forms – The Contact Form Plugin plugin for WordPress is vulnerable...
Moderate, Unreviewed. CVE-2023-6953 was published Feb 6, 2024
The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
Moderate, Unreviewed. CVE-2024-0255 was published Feb 6, 2024
The GeneratePress Premium plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...
Moderate, Unreviewed. CVE-2023-6807 was published Feb 6, 2024
The Meta Box – WordPress Custom Fields Framework plugin for WordPress is vulnerable to Stored...
Moderate, Unreviewed. CVE-2023-6526 was published Feb 6, 2024
Stimulsoft Dashboard.JS Cross Site Scripting vulnerability
Moderate. CVE-2024-24396 was published for stimulsoft-dashboards-js (npm) Feb 5, 2024
phpMyFAQ vulnerable to stored XSS on attachments filename
Moderate. CVE-2024-24574 was published for phpmyfaq/phpmyfaq (Composer) Feb 5, 2024
Stimulsoft Dashboard.JS Cross Site Scripting vulnerability
Moderate. CVE-2024-24397 was published for stimulsoft-dashboards-js (npm) Feb 5, 2024
A reflected cross-site scripting (XSS) vulnerability exists in the SVG version of System...
Moderate, Unreviewed. CVE-2023-6028 was published Feb 5, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate, Unreviewed. CVE-2024-24838 was published Feb 5, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate, Unreviewed. CVE-2024-24839 was published Feb 5, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate, Unreviewed. CVE-2024-24865 was published Feb 5, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate, Unreviewed. CVE-2024-24841 was published Feb 5, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate, Unreviewed. CVE-2024-24870 was published Feb 5, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate, Unreviewed. CVE-2023-51504 was published Feb 5, 2024
IBM Business Automation Workflow 22.0.2, 23.0.1, and 23.0.2 is vulnerable to cross-site scripting...
Moderate, Unreviewed. CVE-2023-50947 was published Feb 4, 2024
A vulnerability was found in SourceCodester CRUD without Page Reload 1.0. It has been rated as...
Moderate, Unreviewed. CVE-2024-1215 was published Feb 3, 2024
The Jinja templating in Logpoint SIEM 6.10.0 through 7.x before 7.3.0 does not correctly sanitize...
Moderate, Unreviewed. CVE-2023-49950 was published Feb 3, 2024
The PDF Flipbook, 3D Flipbook – DearFlip plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate, Unreviewed. CVE-2024-0895 was published Feb 3, 2024
A cross-site scripting (XSS) vulnerability in the Web Reports component of HCL BigFix Platform...
Moderate, Unreviewed. CVE-2023-37528 was published Feb 3, 2024
A vulnerability classified as problematic was found in SourceCodester Testimonial Page Manager 1...
Moderate, Unreviewed. CVE-2024-1196 was published Feb 3, 2024
A reflected cross-site scripting (XSS) vulnerability in the Web Reports component of HCL BigFix...
Moderate, Unreviewed. CVE-2023-37527 was published Feb 2, 2024
MRCMS 3.0 contains a Cross-Site Scripting (XSS) vulnerability via /admin/system/saveinfo.do.
Moderate, Unreviewed. CVE-2024-24160 was published Feb 2, 2024
A cross-site scripting (XSS) vulnerability has been reported to affect Photo Station. If...
Moderate, Unreviewed. CVE-2023-47561 was published Feb 2, 2024
ProTip! Advisories are also available from the GraphQL API.