Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

32,145 advisories

Loading
The Meris WordPress theme through 1.1.2 does not sanitise and escape some parameters before... Moderate Unreviewed
CVE-2023-7194 was published Jan 22, 2024
The WP Review Slider WordPress plugin before 13.0 does not sanitise and escape some of its... Moderate Unreviewed
CVE-2023-6456 was published Jan 22, 2024
A vulnerability has been found in CodeAstro Online Railway Reservation System 1.0 and classified... Moderate Unreviewed
CVE-2024-0782 was published Jan 22, 2024
A vulnerability, which was classified as problematic, has been found in LinZhaoguan pb-cms 2.0.... Moderate Unreviewed
CVE-2024-0776 was published Jan 22, 2024
A vulnerability classified as problematic was found in CodeAstro Internet Banking System 1.0.... Moderate Unreviewed
CVE-2024-0773 was published Jan 22, 2024
Cross-site Scripting in Ghost Moderate
CVE-2024-23725 was published for ghost (npm) Jan 21, 2024
JavaScript execution via malicious molfiles (XSS) Moderate
CVE-2024-0758 was published for de.ipb-halle:molecularfaces (Maven) Jan 19, 2024
JupyterLab vulnerable to SXSS in Markdown Preview Moderate
CVE-2024-22420 was published for jupyterlab (pip) Jan 19, 2024
A vulnerability was found in code-projects Social Networking Site 1.0 and classified as... Moderate Unreviewed
CVE-2024-0722 was published Jan 19, 2024
A vulnerability was found in Project Worlds Student Project Allocation System 1.0. It has been... Moderate Unreviewed
CVE-2024-0726 was published Jan 19, 2024
A vulnerability has been found in Jspxcms 10.2.0 and classified as problematic. Affected by this... Moderate Unreviewed
CVE-2024-0721 was published Jan 19, 2024
A vulnerability, which was classified as problematic, was found in FactoMineR FactoInvestigate up... Moderate Unreviewed
CVE-2024-0720 was published Jan 19, 2024
StrangeBee TheHive 5.1.0 to 5.1.9 and 5.2.0 to 5.2.8 is vulnerable to Cross Site Scripting (XSS)... Moderate Unreviewed
CVE-2024-22876 was published Jan 19, 2024
Multiple reflected cross-site scripting (XSS) vulnerabilities in nasSvr.php in actidata actiNAS... Moderate Unreviewed
CVE-2023-51946 was published Jan 19, 2024
StrangeBee TheHive 5.2.0 to 5.2.8 is vulnerable to Cross Site Scripting (XSS) in the case... Moderate Unreviewed
CVE-2024-22877 was published Jan 19, 2024
FusionPBX prior to 5.1.0 contains a cross-site scripting vulnerability. If this vulnerability is... Moderate Unreviewed
CVE-2024-23387 was published Jan 19, 2024
SPIP before 4.1.14 and 4.2.x before 4.2.8 allows XSS via the name of an uploaded file. This is... Moderate Unreviewed
CVE-2024-23659 was published Jan 19, 2024
A vulnerability, which was classified as problematic, was found in AtroCore AtroPIM 1.8.4. This... Moderate Unreviewed
CVE-2024-0696 was published Jan 19, 2024
Zoho ManageEngine ServiceDesk Plus MSP before 14504 allows stored XSS (by a low-privileged... Moderate Unreviewed
CVE-2023-49943 was published Jan 18, 2024
FlyCms 1.0 is vulnerable to Cross Site Scripting (XSS) in the system website settings website... Moderate Unreviewed
CVE-2024-22548 was published Jan 18, 2024
FlyCms 1.0 is vulnerable to Cross Site Scripting (XSS) in the email settings of the website... Moderate Unreviewed
CVE-2024-22549 was published Jan 18, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2023-7153 was published Jan 18, 2024
Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site... Moderate Unreviewed
CVE-2023-51464 was published Jan 18, 2024
Adobe Experience Manager versions 6.5.18 and earlier are affected by a reflected Cross-Site... Moderate Unreviewed
CVE-2023-51463 was published Jan 18, 2024
The WP Recipe Maker plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ... Moderate Unreviewed
CVE-2023-6970 was published Jan 18, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database