GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,985
Erlang
29
GitHub Actions
16
Go
1,774
Maven
5,000
npm
3,541
NuGet
617
pip
3,123
Pub
10
RubyGems
838
Rust
790
Swift
34
Unreviewed advisories
All unreviewed
5,000+
26,660 advisories
Filter by severity
A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary...
Moderate
Unreviewed
CVE-2024-40726
was published
Jul 9, 2024
A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary...
Moderate
Unreviewed
CVE-2024-40727
was published
Jul 9, 2024
A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary...
Moderate
Unreviewed
CVE-2024-40742
was published
Jul 9, 2024
A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary...
Moderate
Unreviewed
CVE-2024-38972
was published
Jul 9, 2024
A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary...
Moderate
Unreviewed
CVE-2024-40736
was published
Jul 9, 2024
A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary...
Moderate
Unreviewed
CVE-2024-40730
was published
Jul 9, 2024
A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary...
Moderate
Unreviewed
CVE-2024-40734
was published
Jul 9, 2024
A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary...
Moderate
Unreviewed
CVE-2024-40735
was published
Jul 9, 2024
A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary...
Moderate
Unreviewed
CVE-2024-40731
was published
Jul 9, 2024
A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary...
Moderate
Unreviewed
CVE-2024-40739
was published
Jul 9, 2024
A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary...
Moderate
Unreviewed
CVE-2024-40733
was published
Jul 9, 2024
XSS vulnerability in DJ-HelpfulArticles component for Joomla.
Moderate
Unreviewed
CVE-2024-27183
was published
Jul 9, 2024
A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary...
Moderate
Unreviewed
CVE-2024-40740
was published
Jul 9, 2024
vaeThink 1.0.2 is vulnerable to stored Cross Site Scripting (XSS) in the system backend.
Moderate
Unreviewed
CVE-2024-38971
was published
Jul 9, 2024
Inadequate content filtering leads to XSS vulnerabilities in various components.
Unknown
Unreviewed
CVE-2024-26279
was published
Jul 9, 2024
Improper handling of input could lead to an XSS vector in the StringHelper::truncate method.
Unknown
Unreviewed
CVE-2024-21731
was published
Jul 9, 2024
Inadequate input validation leads to XSS vulnerabilities in the accessiblemedia field.
Unknown
Unreviewed
CVE-2024-21729
was published
Jul 9, 2024
The Custom Fields component not correctly filter inputs, leading to a XSS vector.
Unknown
Unreviewed
CVE-2024-26278
was published
Jul 9, 2024
The fancyselect list field layout does not correctly escape inputs, leading to a self-XSS vector.
Unknown
Unreviewed
CVE-2024-21730
was published
Jul 9, 2024
The URL Shortener by Myhop WordPress plugin through 1.0.17 does not sanitise and escape some of...
Moderate
Unreviewed
CVE-2024-5802
was published
Jul 9, 2024
The Unlimited Elements For Elementor (Free Widgets, Addons, Templates) plugin for WordPress is...
Moderate
Unreviewed
CVE-2024-6170
was published
Jul 9, 2024
The Blog, Posts and Category Filter for Elementor plugin for WordPress is vulnerable to Stored...
Moderate
Unreviewed
CVE-2024-4667
was published
Jul 9, 2024
The Unlimited Elements For Elementor (Free Widgets, Addons, Templates) plugin for WordPress is...
Moderate
Unreviewed
CVE-2024-6169
was published
Jul 9, 2024
ProTip!
Advisories are also available from the
GraphQL API