Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,985
Erlang
29
GitHub Actions
16
Go
1,774
Maven
5,000
npm
3,541
NuGet
617
pip
3,123
Pub
10
RubyGems
838
Rust
790
Swift
34
Unreviewed advisories
All unreviewed
5,000+

26,660 advisories

Loading
A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary... Moderate Unreviewed
CVE-2024-40726 was published Jul 9, 2024
A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary... Moderate Unreviewed
CVE-2024-40727 was published Jul 9, 2024
A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary... Moderate Unreviewed
CVE-2024-40742 was published Jul 9, 2024
A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary... Moderate Unreviewed
CVE-2024-38972 was published Jul 9, 2024
A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary... Moderate Unreviewed
CVE-2024-40736 was published Jul 9, 2024
A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary... Moderate Unreviewed
CVE-2024-40730 was published Jul 9, 2024
A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary... Moderate Unreviewed
CVE-2024-40734 was published Jul 9, 2024
A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary... Moderate Unreviewed
CVE-2024-40735 was published Jul 9, 2024
A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary... Moderate Unreviewed
CVE-2024-40731 was published Jul 9, 2024
A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary... Moderate Unreviewed
CVE-2024-40739 was published Jul 9, 2024
A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary... Moderate Unreviewed
CVE-2024-40733 was published Jul 9, 2024
XSS vulnerability in DJ-HelpfulArticles component for Joomla. Moderate Unreviewed
CVE-2024-27183 was published Jul 9, 2024
A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary... Moderate Unreviewed
CVE-2024-40740 was published Jul 9, 2024
vaeThink 1.0.2 is vulnerable to stored Cross Site Scripting (XSS) in the system backend. Moderate Unreviewed
CVE-2024-38971 was published Jul 9, 2024
Azure DevOps Server Spoofing Vulnerability High Unreviewed
CVE-2024-35267 was published Jul 9, 2024
Azure DevOps Server Spoofing Vulnerability High Unreviewed
CVE-2024-35266 was published Jul 9, 2024
Inadequate content filtering leads to XSS vulnerabilities in various components. Unknown Unreviewed
CVE-2024-26279 was published Jul 9, 2024
Improper handling of input could lead to an XSS vector in the StringHelper::truncate method. Unknown Unreviewed
CVE-2024-21731 was published Jul 9, 2024
Inadequate input validation leads to XSS vulnerabilities in the accessiblemedia field. Unknown Unreviewed
CVE-2024-21729 was published Jul 9, 2024
The Custom Fields component not correctly filter inputs, leading to a XSS vector. Unknown Unreviewed
CVE-2024-26278 was published Jul 9, 2024
The fancyselect list field layout does not correctly escape inputs, leading to a self-XSS vector. Unknown Unreviewed
CVE-2024-21730 was published Jul 9, 2024
The URL Shortener by Myhop WordPress plugin through 1.0.17 does not sanitise and escape some of... Moderate Unreviewed
CVE-2024-5802 was published Jul 9, 2024
The Unlimited Elements For Elementor (Free Widgets, Addons, Templates) plugin for WordPress is... Moderate Unreviewed
CVE-2024-6170 was published Jul 9, 2024
The Blog, Posts and Category Filter for Elementor plugin for WordPress is vulnerable to Stored... Moderate Unreviewed
CVE-2024-4667 was published Jul 9, 2024
The Unlimited Elements For Elementor (Free Widgets, Addons, Templates) plugin for WordPress is... Moderate Unreviewed
CVE-2024-6169 was published Jul 9, 2024
ProTip! Advisories are also available from the GraphQL API