Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

32,145 advisories

Loading
Cross Site Scripting vulnerability in piwigo v.14.0.0 allows a remote attacker to obtain... Moderate Unreviewed
CVE-2023-51790 was published Jan 12, 2024
An issue was discovered in the GlobalBlocking extension in MediaWiki before 1.40.2. For a Special... Moderate Unreviewed
CVE-2024-23179 was published Jan 12, 2024
An issue was discovered in the CampaignEvents extension in MediaWiki before 1.35.14, 1.36.x... Moderate Unreviewed
CVE-2024-23171 was published Jan 12, 2024
An issue was discovered in the PageTriage extension in MediaWiki before 1.35.14, 1.36.x through 1... Moderate Unreviewed
CVE-2024-23174 was published Jan 12, 2024
An issue was discovered in the CheckUser extension in MediaWiki before 1.35.14, 1.36.x through 1... Moderate Unreviewed
CVE-2024-23172 was published Jan 12, 2024
An issue was discovered in the Cargo extension in MediaWiki before 1.35.14, 1.36.x through 1.39.x... Moderate Unreviewed
CVE-2024-23173 was published Jan 12, 2024
An issue was discovered in the WatchAnalytics extension in MediaWiki before 1.40.2. XSS can occur... Moderate Unreviewed
CVE-2024-23177 was published Jan 12, 2024
An issue was discovered in the Phonos extension in MediaWiki before 1.40.2. PhonosButton.js... Moderate Unreviewed
CVE-2024-23178 was published Jan 12, 2024
A vulnerability, which was classified as problematic, has been found in cloudfavorites favorites... Moderate Unreviewed
CVE-2022-4960 was published Jan 12, 2024
A vulnerability classified as problematic has been found in CodeAstro Simple Banking System 1.0.... Moderate Unreviewed
CVE-2024-0424 was published Jan 11, 2024
A vulnerability was found in CodeAstro POS and Inventory Management System 1.0. It has been... Moderate Unreviewed
CVE-2024-0422 was published Jan 11, 2024
A vulnerability classified as problematic was found in qkmc-rk redbbs 1.0. Affected by this... Moderate Unreviewed
CVE-2022-4959 was published Jan 11, 2024
A vulnerability was found in CodeAstro Online Food Ordering System 1.0. It has been rated as... Moderate Unreviewed
CVE-2024-0423 was published Jan 11, 2024
The application is vulnerable to Stored Cross-Site Scripting (XSS) in the endpoint /sofer... Moderate Unreviewed
CVE-2023-5118 was published Jan 11, 2024
The Oxygen Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via a custom... Moderate Unreviewed
CVE-2023-6938 was published Jan 11, 2024
Jinja vulnerable to HTML attribute injection when passing user input as keys to xmlattr filter Moderate
CVE-2024-22195 was published for jinja2 (pip) Jan 11, 2024
CalumHutton
A vulnerability classified as problematic has been found in qkmc-rk redbbs 1.0. Affected is an... Moderate Unreviewed
CVE-2022-4958 was published Jan 11, 2024
The List category posts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed
CVE-2023-6994 was published Jan 11, 2024
The Email Encoder – Protect Email Addresses and Phone Numbers plugin for WordPress is vulnerable... Moderate Unreviewed
CVE-2023-7070 was published Jan 11, 2024
The Weaver Xtreme theme for WordPress is vulnerable to Stored Cross-Site Scripting via custom... Moderate Unreviewed
CVE-2023-6990 was published Jan 11, 2024
The 3D FlipBook plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘Ready... Moderate Unreviewed
CVE-2023-6776 was published Jan 11, 2024
The Limit Login Attempts Reloaded plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2023-6934 was published Jan 11, 2024
The Orbit Fox by ThemeIsle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed
CVE-2023-6781 was published Jan 11, 2024
The AMP for WP – Accelerated Mobile Pages plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2023-6782 was published Jan 11, 2024
The Photo Gallery by 10Web plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed
CVE-2023-6924 was published Jan 11, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database