Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,985
Erlang
29
GitHub Actions
16
Go
1,774
Maven
5,000
npm
3,541
NuGet
617
pip
3,123
Pub
10
RubyGems
838
Rust
790
Swift
34
Unreviewed advisories
All unreviewed
5,000+

24,031 advisories

Loading
Microsoft Edge (Chromium-based) Spoofing Vulnerability Moderate Unreviewed
CVE-2024-38156 was published Jul 19, 2024
IBM ClearQuest (CQ) 9.1 through 9.1.0.6 is vulnerable to stored cross-site scripting. This... Moderate Unreviewed
CVE-2024-28796 was published Jul 17, 2024
Roundup Cross-site Scripting Vulnerability Moderate
CVE-2024-39125 was published for roundup (pip) Jul 17, 2024
Roundup Cross-site Scripting Vulnerability Moderate
CVE-2024-39126 was published for roundup (pip) Jul 17, 2024
Roundup Cross-site Scripting Vulnerability Moderate
CVE-2024-39124 was published for roundup (pip) Jul 17, 2024
Silverstripe uses TinyMCE which allows svg files linked in object tags Moderate
GHSA-52cw-pvq9-9m5v was published for silverstripe/framework (Composer) Jul 17, 2024
Silverstripe Framework has a Cross-site Scripting vulnerability with encoded payload Moderate
CVE-2024-32981 was published for silverstripe/framework (Composer) Jul 17, 2024
A vulnerability was found in SourceCodester Student Study Center Desk Management System 1.0 and... Moderate Unreviewed
CVE-2024-6807 was published Jul 17, 2024
Openfind's Mail2000 does not properly validate email atachments, allowing unauthenticated remote... Moderate Unreviewed
CVE-2024-6740 was published Jul 15, 2024
AguardNet Technology's Space Management System does not properly filter user input, allowing... Moderate Unreviewed
CVE-2024-6742 was published Jul 15, 2024
The wp-cart-for-digital-products WordPress plugin before 8.5.5 does not sanitise and escape a... Moderate Unreviewed
CVE-2024-6073 was published Jul 15, 2024
The wp-cart-for-digital-products WordPress plugin before 8.5.5 does not sanitise and escape a... Moderate Unreviewed
CVE-2024-6076 was published Jul 15, 2024
The wp-cart-for-digital-products WordPress plugin before 8.5.5 does not sanitise and escape a... Moderate Unreviewed
CVE-2024-6074 was published Jul 15, 2024
The session cookie in MailGates and MailAudit from Openfind does not have the HttpOnly flag... Moderate Unreviewed
CVE-2024-6739 was published Jul 15, 2024
The wp-cart-for-digital-products WordPress plugin before 8.5.5 does not escape the $_SERVER[... Moderate Unreviewed
CVE-2024-6072 was published Jul 15, 2024
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 is vulnerable to cross-site scripting... Moderate Unreviewed
CVE-2024-39735 was published Jul 15, 2024
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 is vulnerable to stored cross-site... Moderate Unreviewed
CVE-2024-39728 was published Jul 15, 2024
IBM InfoSphere Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows an... Moderate Unreviewed
CVE-2024-40690 was published Jul 12, 2024
Login by Auth0 plugin for WordPress vulnerable to Reflected Cross-Site Scripting Moderate
CVE-2023-6813 was published for auth0/wordpress (Composer) Jul 11, 2024
A security vulnerability has been discovered in bootstrap that could enable Cross-Site Scripting ... Moderate Unreviewed
CVE-2024-6485 was published Jul 11, 2024
A vulnerability has been identified in Bootstrap that exposes users to Cross-Site Scripting (XSS)... Moderate Unreviewed
CVE-2024-6484 was published Jul 11, 2024
A vulnerability has been identified in Bootstrap that exposes users to Cross-Site Scripting (XSS)... Moderate Unreviewed
CVE-2024-6531 was published Jul 11, 2024
CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-6528 was published Jul 11, 2024
The Feeds for YouTube (YouTube video, channel, and gallery plugin) plugin for WordPress is... Moderate Unreviewed
CVE-2024-6256 was published Jul 11, 2024
The Secure Copy Content Protection and Content Locking WordPress plugin before 4.0.9 does not... Moderate Unreviewed
CVE-2024-6138 was published Jul 11, 2024
ProTip! Advisories are also available from the GraphQL API