GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+
32,145 advisories
Cross-site scripting vulnerability exists in a-blog cms Ver.3.1.x series versions prior to Ver.3...
Moderate
Unreviewed
CVE-2024-23782 was published Jan 29, 2024
The Contact Form Plugin – Fastest Contact Form Builder Plugin for WordPress by Fluent Forms...
Moderate
Unreviewed
CVE-2024-0618 was published Jan 27, 2024
A vulnerability was found in CodeAstro Stock Management System 1.0 and classified as problematic....
Moderate
Unreviewed
CVE-2024-0958 was published Jan 27, 2024
Cross-Site Scripting (XSS) vulnerability in Sunlight CMS 8.0.1 allows an authenticated low...
Moderate
Unreviewed
CVE-2023-48202 was published Jan 27, 2024
Cross Site Scripting (XSS) vulnerability in Sunlight CMS v.8.0.1, allows remote authenticated...
Moderate
Unreviewed
CVE-2023-48201 was published Jan 27, 2024
The Exclusive Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate
Unreviewed
CVE-2024-0824 was published Jan 27, 2024
The Meks Smart Social Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting...
Moderate
Unreviewed
CVE-2024-0664 was published Jan 27, 2024
The WordPress Simple Shopping Cart plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate
Unreviewed
CVE-2023-6497 was published Jan 27, 2024
A vulnerability in the web-based management interface of Cisco Unity Connection could allow an...
Moderate
Unreviewed
CVE-2024-20305 was published Jan 26, 2024
WhatACart v2.0.7 was discovered to contain a reflected cross-site scripting (XSS) vulnerability...
Moderate
Unreviewed
CVE-2024-22551 was published Jan 26, 2024
An issue in myGAKUYA mini-app on Line v13.6.1 allows attackers to send crafted malicious...
Moderate
Unreviewed
CVE-2023-48127 was published Jan 26, 2024
An issue has been discovered in GitLab CE/EE affecting all versions after 13.7 before 16.6.6, 16...
Moderate
Unreviewed
CVE-2023-5933 was published Jan 26, 2024
A vulnerability was found in hongmaple octopus 1.0. It has been declared as problematic. Affected...
Moderate
Unreviewed
CVE-2024-0891 was published Jan 26, 2024
iGalerie v3.0.22 was discovered to contain a reflected cross-site scripting (XSS) vulnerability...
Moderate
Unreviewed
CVE-2024-22639 was published Jan 25, 2024
Cross Site Scripting vulnerability (XSS) in webmin v.2.105 and earlier allows a remote attacker...
Moderate
Unreviewed
CVE-2023-52046 was published Jan 25, 2024
WebCalendar v1.3.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability...
Moderate
Unreviewed
CVE-2024-22635 was published Jan 25, 2024
Form Tools v3.1.1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability...
Moderate
Unreviewed
CVE-2024-22637 was published Jan 25, 2024
IceHrm 23.0.0.OS does not sufficiently encode user-controlled input, which creates a Cross-Site...
Moderate
Unreviewed
CVE-2023-6282 was published Jan 25, 2024
Splicecom Maximiser Soft PBX v1.5 and before was discovered to contain a cross-site scripting ...
Moderate
Unreviewed
CVE-2023-33758 was published Jan 25, 2024
The "WebSub (FKA. PubSubHubbub)" plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate
Unreviewed
CVE-2024-0688 was published Jan 25, 2024
The WPFront Notification Bar plugin for WordPress is vulnerable to Stored Cross-Site Scripting...
Moderate
Unreviewed
CVE-2024-0625 was published Jan 25, 2024
DOM-based Cross Site Scripting (XSS) vulnerability in 'Tail Event Logs' functionality in Nagios...
Moderate
Unreviewed
CVE-2021-43584 was published Jan 24, 2024
Orthanc versions before 1.12.2 are affected by a reflected cross-site scripting (XSS)...
Moderate
Unreviewed
CVE-2024-22725 was published Jan 24, 2024
Kanboard 1.2.34 is vulnerable to HTML Injection in the group management feature.
Moderate
Unreviewed
CVE-2024-22720 was published Jan 24, 2024
The WP Go Maps (formerly WP Google Maps) plugin for WordPress is vulnerable to Reflected Cross...
Moderate
Unreviewed
CVE-2023-6697 was published Jan 24, 2024
ProTip! Advisories are also available from the GraphQL API.