GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,985
Erlang: 29
GitHub Actions: 16
Go: 1,774
Maven: 5,000
npm: 3,541
NuGet: 617
pip: 3,123
Pub: 10
RubyGems: 838
Rust: 790
Swift: 34
Unreviewed advisories
All unreviewed: 5,000+
26,660 advisories
A Stored Cross-Site Scripting (XSS) vulnerability exists in gaizhenbiao/chuanhuchatgpt version...
Critical · Unreviewed · CVE-2024-6035 was published Jul 11, 2024

CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate · Unreviewed · CVE-2024-6528 was published Jul 11, 2024

The Feeds for YouTube (YouTube video, channel, and gallery plugin) plugin for WordPress is...
Moderate · Unreviewed · CVE-2024-6256 was published Jul 11, 2024

The Secure Copy Content Protection and Content Locking WordPress plugin before 4.0.9 does not...
Moderate · Unreviewed · CVE-2024-6138 was published Jul 11, 2024

The Slider by 10Web WordPress plugin before 1.2.56 does not sanitise and escape some of its...
Moderate · Unreviewed · CVE-2024-6026 was published Jul 11, 2024

The Ultimate Blocks WordPress plugin before 3.1.9 does not validate and escape some of its block...
Moderate · Unreviewed · CVE-2024-4655 was published Jul 11, 2024

The Quiz and Survey Master (QSM) WordPress plugin before 9.0.5 does not sanitise and escape some...
Moderate · Unreviewed · CVE-2024-6025 was published Jul 11, 2024

The Bible Text WordPress plugin through 0.2 does not validate and escape some of its shortcode...
Moderate · Unreviewed · CVE-2024-5444 was published Jul 11, 2024

Whale browser before 3.26.244.21 allows an attacker to execute malicious JavaScript due to...
Critical · Unreviewed · CVE-2024-40618 was published Jul 11, 2024

A vulnerability was found in SourceCodester Employee and Visitor Gate Pass Logging System 1.0 and...
Moderate · Unreviewed · CVE-2024-6650 was published Jul 11, 2024

Decidim cross-site scripting (XSS) in the admin panel
Moderate · CVE-2024-27095 was published for decidim-admin (RubyGems) Jul 10, 2024

Decidim cross-site scripting (XSS) in the pagination
High · CVE-2024-32469 was published for decidim (RubyGems) Jul 10, 2024

idccms v1.35 is vulnerable to Cross Site Scripting (XSS) within the 'Image Advertising Management.'
Moderate · Unreviewed · CVE-2024-40336 was published Jul 10, 2024

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ...
High · Unreviewed · CVE-2024-40333 was published Jul 10, 2024

A cross-site scripting vulnerability exists in the admin console OIDC Policy Management Editor....
Low · Unreviewed · CVE-2024-22477 was published Jul 10, 2024

BookStack Incorrect Access Control vulnerability
High · CVE-2024-36676 was published for ssddanbrown/bookstack (Composer) Jul 10, 2024

Silverpeas Core Cross-site Scripting vulnerability
Moderate · CVE-2024-39031 was published for org.silverpeas.core:silverpeas-core-rs (Maven) Jul 9, 2024

Cross Site Scripting vulnerability in Creativeitem Academy LMS Learning Management System v.6.8.1...
Moderate · Unreviewed · CVE-2024-38959 was published Jul 9, 2024

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ...
High · Unreviewed · CVE-2024-40036 was published Jul 9, 2024

A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary...
Moderate · Unreviewed · CVE-2024-40729 was published Jul 9, 2024

A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary...
Moderate · Unreviewed · CVE-2024-40728 was published Jul 9, 2024

A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary...
Moderate · Unreviewed · CVE-2024-40737 was published Jul 9, 2024

A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary...
Moderate · Unreviewed · CVE-2024-40738 was published Jul 9, 2024

A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary...
Moderate · Unreviewed · CVE-2024-40732 was published Jul 9, 2024

A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary...
Moderate · Unreviewed · CVE-2024-40741 was published Jul 9, 2024

ProTip! Advisories are also available from the GraphQL API.