GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,835
Composer 4,870
Erlang 36
GitHub Actions 36
Go 2,493
Maven 5,926
npm 4,126
NuGet 735
pip 3,943
Pub 12
RubyGems 945
Rust 1,021
Swift 39

Unreviewed advisories

All unreviewed 269,189

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

32,145 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Cross-site Scripting Vulnerability on Data Import Moderate

CVE-2024-23633 was published for label-studio (pip) Jan 24, 2024

An issue in COLORFUL_laundry mini-app on Line v13.6.1 allows attackers to send crafted malicious... Moderate Unreviewed

CVE-2023-43999 was published Jan 24, 2024

An issue in nature fitness saijo mini-app on Line v13.6.1 allows attackers to send crafted... Moderate Unreviewed

CVE-2023-43988 was published Jan 24, 2024

The WP Customer Area plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the... Moderate Unreviewed

CVE-2024-0665 was published Jan 24, 2024

Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site... Moderate Unreviewed

CVE-2023-52329 was published Jan 23, 2024

Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site... Moderate Unreviewed

CVE-2023-52327 was published Jan 23, 2024

Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site... Moderate Unreviewed

CVE-2023-52328 was published Jan 23, 2024

Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site... Moderate Unreviewed

CVE-2023-52326 was published Jan 23, 2024

A cross-site scripting vulnerability in Trend Micro Apex Central could allow a remote attacker to... Moderate Unreviewed

CVE-2023-52330 was published Jan 23, 2024

Reflected cross-site scripting (XSS) vulnerabilities in Trend Micro Mobile Security (Enterprise)... Moderate Unreviewed

CVE-2023-41177 was published Jan 23, 2024

Reflected cross-site scripting (XSS) vulnerabilities in Trend Micro Mobile Security (Enterprise)... Moderate Unreviewed

CVE-2023-41176 was published Jan 23, 2024

Reflected cross-site scripting (XSS) vulnerabilities in Trend Micro Mobile Security (Enterprise)... Moderate Unreviewed

CVE-2023-41178 was published Jan 23, 2024

Cross-site Scripting in JFinal Moderate

CVE-2024-22497 was published for com.jfinal:jfinal (Maven) Jan 23, 2024

Cross-site Scripting in JFinal Moderate

CVE-2024-22496 was published for com.jfinal:jfinal (Maven) Jan 23, 2024

A Universal Cross Site Scripting (UXSS) vulnerability in ClassLink OneClick Extension through 10... Moderate Unreviewed

CVE-2023-45889 was published Jan 23, 2024

Cross-site Scripting in beetl-bbs Moderate

CVE-2024-22490 was published for com.ibeetl:beetl (Maven) Jan 23, 2024

Cross-site scripting vulnerability in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.7,... Moderate Unreviewed

CVE-2024-23183 was published Jan 23, 2024

The Sticky Buttons – floating buttons builder plugin for WordPress is vulnerable to Stored Cross... Moderate Unreviewed

CVE-2024-0703 was published Jan 23, 2024

Cross-site scripting vulnerability in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.7,... Moderate Unreviewed

CVE-2024-23181 was published Jan 23, 2024

The AMP for WP – Accelerated Mobile Pages plugin for WordPress is vulnerable to Reflected Cross... Moderate Unreviewed

CVE-2024-0587 was published Jan 23, 2024

html injection vulnerability in the `tuitse_html` function. Moderate

CVE-2024-23341 was published for TuiTse-TsuSin (pip) Jan 22, 2024

The SEOPress WordPress plugin before 7.3 does not sanitise and escape some of its settings, which... Moderate Unreviewed

CVE-2023-6290 was published Jan 22, 2024

The Product Enquiry for WooCommerce WordPress plugin before 3.1 does not sanitise and escape some... Moderate Unreviewed

CVE-2023-6626 was published Jan 22, 2024

The Meris WordPress theme through 1.1.2 does not sanitise and escape some parameters before... Moderate Unreviewed

CVE-2023-7194 was published Jan 22, 2024

The EventON-RSVP WordPress plugin before 2.9.5 does not sanitise and escape some parameters... Moderate Unreviewed

CVE-2023-7170 was published Jan 22, 2024

Previous 1…393…400 Next

Previous 1 2 … 391 392 393 394 395 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

32,145 advisories