GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 19,525
Composer 3,985
Erlang 29
GitHub Actions 16
Go 1,774
Maven 5,000
npm 3,541
NuGet 617
pip 3,123
Pub 10
RubyGems 838
Rust 790
Swift 34

Unreviewed advisories

All unreviewed 223,106

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

26,660 advisories

Filter by severity

Sort by

Least recently updated

Volmarg Personal Management System 1.4.64 is vulnerable to stored cross site scripting (XSS) via... Moderate Unreviewed

CVE-2024-29318 was published Jul 5, 2024

goanother Another Redis Desktop Manager =<1.6.1 is vulnerable to Cross Site Scripting (XSS) via... Critical Unreviewed

CVE-2024-23998 was published Jul 5, 2024

A vulnerability classified as problematic has been found in CodeIgniter Ecommerce-CodeIgniter... Moderate Unreviewed

CVE-2024-6526 was published Jul 5, 2024

A vulnerability was found in ZKTeco BioTime up to 9.5.2. It has been classified as problematic.... Moderate Unreviewed

CVE-2024-6523 was published Jul 5, 2024

drupal-wiki.com Drupal Wiki before 8.31.1 allows XSS via comments, captions, and image titles of... Moderate Unreviewed

CVE-2024-34481 was published Jul 5, 2024

A vulnerability classified as problematic was found in y_project RuoYi up to 4.7.9. Affected by... Moderate Unreviewed

CVE-2024-6511 was published Jul 4, 2024

The One Click Order Re-Order plugin for WordPress is vulnerable to unauthorized modification of... Moderate Unreviewed

CVE-2024-5641 was published Jul 4, 2024

The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2024-3638 was published Jul 4, 2024

The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2024-3639 was published Jul 4, 2024

The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2024-2926 was published Jul 4, 2024

The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2024-6340 was published Jul 3, 2024

The WP Lightbox 2 plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2024-6263 was published Jul 3, 2024

The The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu,... Moderate Unreviewed

CVE-2024-4482 was published Jul 3, 2024

The WPQA Builder WordPress plugin before 6.1.1 does not sanitise and escape some of its Slider... Moderate Unreviewed

CVE-2024-2375 was published Jul 3, 2024

The Himer WordPress theme before 2.1.1 does not sanitise and escape some of its Post settings,... Moderate Unreviewed

CVE-2024-2234 was published Jul 3, 2024

Sites managed in S@M CMS (Concept Intermedia) might be vulnerable to Reflected XSS via including... Moderate Unreviewed

CVE-2024-3801 was published Jul 3, 2024

Script afGdStream.php in AdmirorFrames Joomla! extension doesn’t specify a content type and as a... Moderate Unreviewed

CVE-2024-5737 was published Jul 3, 2024

OpenPLC 3 through 9cd8f1b allows XSS via an SVG document as a profile picture. Moderate Unreviewed

CVE-2024-37741 was published Jul 3, 2024

Sites managed in S@M CMS (Concept Intermedia) might be vulnerable to Reflected XSS via including... Moderate Unreviewed

CVE-2024-3800 was published Jul 3, 2024

The Widget4Call WordPress plugin through 1.0.7 does not sanitise and escape a parameter before... Moderate Unreviewed

CVE-2024-5727 was published Jul 3, 2024

The Ultimate Blocks – WordPress Blocks Plugin plugin for WordPress is vulnerable to Stored Cross... Moderate Unreviewed

CVE-2024-4268 was published Jul 2, 2024

The Post Meta Data Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed

CVE-2024-6264 was published Jul 2, 2024

A stored cross-site scripting (XSS) vulnerability exists in ResidenceCMS 2.10.1 that allows a low... Moderate Unreviewed

CVE-2024-39143 was published Jul 2, 2024

The Cost Calculator Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed

CVE-2024-6011 was published Jul 2, 2024

Improper neutralization of input in Checkmk before versions 2.3.0p8, 2.2.0p28, 2.1.0p45, and 2.0... Moderate Unreviewed

CVE-2024-38857 was published Jul 2, 2024

Previous 1 2 3 4 5 6 7 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

26,660 advisories