GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,870
Erlang: 36
GitHub Actions: 36
Go: 2,493
Maven: 5,000+
npm: 4,126
NuGet: 735
pip: 3,943
Pub: 12
RubyGems: 945
Rust: 1,021
Swift: 39

Unreviewed advisories
All unreviewed: 5,000+
37,007 advisories

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate | Unreviewed | CVE-2024-35655 was published Jun 4, 2024

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate | Unreviewed | CVE-2024-35666 was published Jun 4, 2024

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High | Unreviewed | CVE-2024-35664 was published Jun 4, 2024

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High | Unreviewed | CVE-2024-35668 was published Jun 4, 2024

Cross-Site Scripting (XSS) in TYPO3 component CSS styled content
Moderate | GHSA-8j9v-4hhh-x43c was published for typo3/cms (Composer) Jun 4, 2024

The Slider Revolution plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all...
Moderate | Unreviewed | CVE-2024-4637 was published Jun 4, 2024

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in...
Moderate | Unreviewed | CVE-2023-46310 was published Jun 4, 2024

The Slider Revolution plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
Moderate | Unreviewed | CVE-2024-4581 was published Jun 4, 2024

Missing input validation in the SEH Computertechnik utnserver Pro, SEH Computertechnik utnserver...
Unknown | Unreviewed | CVE-2024-5420 was published Jun 4, 2024

The wp-eMember WordPress plugin before 10.3.9 does not sanitize and escape the "fieldId"...
High | Unreviewed | CVE-2024-4749 was published Jun 4, 2024

The Cowidgets – Elementor Addons plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate | Unreviewed | CVE-2024-4697 was published Jun 4, 2024

The FS Product Inquiry WordPress plugin through 1.1.1 does not sanitise and escape a parameter...
High | Unreviewed | CVE-2024-4856 was published Jun 4, 2024

The Events Calendar WordPress plugin before 6.4.0.1 does not properly sanitize user-submitted...
Critical | Unreviewed | CVE-2024-4180 was published Jun 4, 2024

The Essential Real Estate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...
Moderate | Unreviewed | CVE-2024-4273 was published Jun 4, 2024

The Simple Ajax Chat WordPress plugin before 20240412 does not sanitise and escape some of its...
Moderate | Unreviewed | CVE-2024-2470 was published Jun 4, 2024

The Gutenberg Blocks with AI by Kadence WP WordPress plugin before 3.2.37 does not validate and...
Moderate | Unreviewed | CVE-2024-4057 was published Jun 4, 2024

The FS Product Inquiry WordPress plugin through 1.1.1 does not sanitise and escape some form...
Moderate | Unreviewed | CVE-2024-4857 was published Jun 4, 2024

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in...
Moderate | Unreviewed | CVE-2023-23735 was published Jun 4, 2024

Reflected Cross-Site Scripting (XSS) in Dolibarr
Moderate | CVE-2024-34051 was published for dolibarr/dolibarr (Composer) Jun 3, 2024

A deep link validation issue in KakaoTalk 10.4.3 allowed a remote adversary to direct users to...
Moderate | Unreviewed | CVE-2023-51219 was published Jun 3, 2024

LyLme_spage v1.9.5 is vulnerable to Cross Site Scripting (XSS) via admin/link.php.
Moderate | Unreviewed | CVE-2024-36674 was published Jun 3, 2024

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate | Unreviewed | CVE-2024-34791 was published Jun 3, 2024

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate | Unreviewed | CVE-2024-34796 was published Jun 3, 2024

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate | Unreviewed | CVE-2024-34764 was published Jun 3, 2024

ProTip! Advisories are also available from the GraphQL API