Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,985
Erlang
29
GitHub Actions
16
Go
1,774
Maven
5,000
npm
3,541
NuGet
617
pip
3,123
Pub
10
RubyGems
838
Rust
790
Swift
34
Unreviewed advisories
All unreviewed
5,000+

26,660 advisories

Loading
A Stored Cross-Site Scripting (XSS) vulnerability exists in gaizhenbiao/chuanhuchatgpt version... Critical Unreviewed
CVE-2024-6035 was published Jul 11, 2024
CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-6528 was published Jul 11, 2024
The Feeds for YouTube (YouTube video, channel, and gallery plugin) plugin for WordPress is... Moderate Unreviewed
CVE-2024-6256 was published Jul 11, 2024
The Secure Copy Content Protection and Content Locking WordPress plugin before 4.0.9 does not... Moderate Unreviewed
CVE-2024-6138 was published Jul 11, 2024
The Slider by 10Web WordPress plugin before 1.2.56 does not sanitise and escape some of its... Moderate Unreviewed
CVE-2024-6026 was published Jul 11, 2024
The Ultimate Blocks WordPress plugin before 3.1.9 does not validate and escape some of its block... Moderate Unreviewed
CVE-2024-4655 was published Jul 11, 2024
The Quiz and Survey Master (QSM) WordPress plugin before 9.0.5 does not sanitise and escape some... Moderate Unreviewed
CVE-2024-6025 was published Jul 11, 2024
The Bible Text WordPress plugin through 0.2 does not validate and escape some of its shortcode... Moderate Unreviewed
CVE-2024-5444 was published Jul 11, 2024
Whale browser before 3.26.244.21 allows an attacker to execute malicious JavaScript due to... Critical Unreviewed
CVE-2024-40618 was published Jul 11, 2024
A vulnerability was found in SourceCodester Employee and Visitor Gate Pass Logging System 1.0 and... Moderate Unreviewed
CVE-2024-6650 was published Jul 11, 2024
Decidim cross-site scripting (XSS) in the admin panel Moderate
CVE-2024-27095 was published for decidim-admin (RubyGems) Jul 10, 2024
Decidim cross-site scripting (XSS) in the pagination High
CVE-2024-32469 was published for decidim (RubyGems) Jul 10, 2024
PatrickHimler
idccms v1.35 is vulnerable to Cross Site Scripting (XSS) within the 'Image Advertising Management.' Moderate Unreviewed
CVE-2024-40336 was published Jul 10, 2024
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ... High Unreviewed
CVE-2024-40333 was published Jul 10, 2024
A cross-site scripting vulnerability exists in the admin console OIDC Policy Management Editor.... Low Unreviewed
CVE-2024-22477 was published Jul 10, 2024
BookStack Incorrect Access Control vulnerability High
CVE-2024-36676 was published for ssddanbrown/bookstack (Composer) Jul 10, 2024
Silverpeas Core Cross-site Scripting vulnerability Moderate
CVE-2024-39031 was published for org.silverpeas.core:silverpeas-core-rs (Maven) Jul 9, 2024
Cross Site Scripting vulnerability in Creativeitem Academy LMS Learning Management System v.6.8.1... Moderate Unreviewed
CVE-2024-38959 was published Jul 9, 2024
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ... High Unreviewed
CVE-2024-40036 was published Jul 9, 2024
A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary... Moderate Unreviewed
CVE-2024-40729 was published Jul 9, 2024
A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary... Moderate Unreviewed
CVE-2024-40728 was published Jul 9, 2024
A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary... Moderate Unreviewed
CVE-2024-40737 was published Jul 9, 2024
A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary... Moderate Unreviewed
CVE-2024-40738 was published Jul 9, 2024
A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary... Moderate Unreviewed
CVE-2024-40732 was published Jul 9, 2024
A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary... Moderate Unreviewed
CVE-2024-40741 was published Jul 9, 2024
ProTip! Advisories are also available from the GraphQL API