Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

37,008 advisories

Loading
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed
CVE-2024-35737 was published Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-35740 was published Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed
CVE-2024-35733 was published Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-35738 was published Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-35739 was published Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-35752 was published Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-35751 was published Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-35731 was published Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed
CVE-2024-35730 was published Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-35753 was published Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-35756 was published Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-35755 was published Jun 8, 2024
A vulnerability was found in Likeshop up to 2.5.7 and classified as problematic. This issue... Moderate Unreviewed
CVE-2024-5766 was published Jun 8, 2024
The SKT Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting... High Unreviewed
CVE-2024-5091 was published Jun 8, 2024
The Formula theme for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘id’... Moderate Unreviewed
CVE-2024-5613 was published Jun 8, 2024
The Formula theme for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘id’... Moderate Unreviewed
CVE-2024-5638 was published Jun 8, 2024
The Cards for Beaver Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed
CVE-2024-5663 was published Jun 8, 2024
Zend_Filter_StripTags vulnerable to Cross-site Scripting when comments allowed Moderate
GHSA-4vf6-mq7w-3hp6 was published for zendframework/zendframework1 (Composer) Jun 7, 2024
Zendframework potential Cross-site Scripting vector in `Zend_Service_ReCaptcha_MailHide` Moderate
GHSA-4v57-pwvf-x35j was published for zendframework/zendframework1 (Composer) Jun 7, 2024
Zend-Form vulnerable to Cross-site Scripting Moderate
GHSA-gvpp-6jrj-5pqc was published for zendframework/zend-form (Composer) Jun 7, 2024
Zendframework Potential XSS or HTML Injection vector in Zend_Json Moderate
GHSA-vvm3-rv48-j3g5 was published for zendframework/zendframework1 (Composer) Jun 7, 2024
ZendFramework Cross-site Scripting vector in `Zend_Filter_StripTags` Moderate
GHSA-gwpm-pm6x-h7rj was published for zendframework/zendframework1 (Composer) Jun 7, 2024
ZendFramework Potential Cross-site Scripting in Development Environment Error View Script Moderate
GHSA-g52p-86j5-xr8q was published for zendframework/zendframework1 (Composer) Jun 7, 2024
ZendFramework potential Cross-site Scripting vectors due to inconsistent encodings Moderate
GHSA-hg35-vqp3-fv39 was published for zendframework/zendframework1 (Composer) Jun 7, 2024
ZendFramework potential Cross-site Scripting vector in `Zend_Dojo_View_Helper_Editor` Moderate
GHSA-j543-vg33-g6vj was published for zendframework/zendframework1 (Composer) Jun 7, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database