Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

32,146 advisories

Loading
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2023-52193 was published Feb 1, 2024
Cross-site scripting vulnerability exists in Group Office prior to v6.6.182, prior to v6.7.64 and... Moderate Unreviewed
CVE-2024-23941 was published Feb 1, 2024
The Advanced iFrame plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed
CVE-2023-7069 was published Feb 1, 2024
Grafana Cross-site Scripting (XSS) Moderate
CVE-2018-12099 was published for github.com/grafana/grafana (Go) Jan 31, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-22146 was published Jan 31, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-22153 was published Jan 31, 2024
A vulnerability, which was classified as problematic, has been found in SourceCodester QR Code... Moderate Unreviewed
CVE-2024-1111 was published Jan 31, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-22158 was published Jan 31, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-22150 was published Jan 31, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-22292 was published Jan 31, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-22297 was published Jan 31, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-22295 was published Jan 31, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-22161 was published Jan 31, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-22302 was published Jan 31, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-22310 was published Jan 31, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-22306 was published Jan 31, 2024
Pega Platform from 8.5.4 to 8.8.3 is affected by an XSS issue with an unauthenticated user and... Moderate Unreviewed
CVE-2023-50166 was published Jan 31, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-23502 was published Jan 31, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-23505 was published Jan 31, 2024
A vulnerability was found in CodeAstro Real Estate Management System 1.0. It has been rated as... Moderate Unreviewed
CVE-2024-1103 was published Jan 31, 2024
Cross-site scripting (XSS) vulnerability in the entry overview tab in Devolutions Remote Desktop... Moderate Unreviewed
CVE-2024-0589 was published Jan 31, 2024
A cross site scripting vulnerability in the AREAL SAS Websrv1 ASP website allows a remote low... Moderate Unreviewed
CVE-2023-50357 was published Jan 31, 2024
A vulnerability was found in Rebuild up to 3.5.5. It has been classified as problematic. Affected... Moderate Unreviewed
CVE-2024-1099 was published Jan 31, 2024
Stored Cross-Site Scripting (XSS) vulnerability in POSCMS v4.6.2, allows attackers to execute... Moderate Unreviewed
CVE-2024-22569 was published Jan 31, 2024
The UserPro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'userpro'... Moderate Unreviewed
CVE-2023-2439 was published Jan 31, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database