GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,985
Erlang: 29
GitHub Actions: 16
Go: 1,774
Maven: 5,000
npm: 3,541
NuGet: 617
pip: 3,123
Pub: 10
RubyGems: 838
Rust: 790
Swift: 34

Unreviewed advisories
All unreviewed: 5,000+
23,531 advisories

Microsoft Edge (Chromium-based) Spoofing Vulnerability
Moderate | Unreviewed | CVE-2024-38156 was published Jul 19, 2024

IBM ClearQuest (CQ) 9.1 through 9.1.0.6 is vulnerable to stored cross-site scripting. This...
Moderate | Unreviewed | CVE-2024-28796 was published Jul 17, 2024

Zohocorp ManageEngine OpManager, OpManager Plus, OpManager MSP and OpManager Enterprise Edition...
Low | Unreviewed | CVE-2024-38870 was published Jul 17, 2024

A vulnerability was found in SourceCodester Student Study Center Desk Management System 1.0 and...
Moderate | Unreviewed | CVE-2024-6807 was published Jul 17, 2024

An authenticated stored cross-site scripting (XSS) exists in the TP-Link TL-SG1016DE affecting...
Unknown | Unreviewed | CVE-2024-4224 was published Jul 15, 2024

Openfind's Mail2000 does not properly validate email attachments, allowing unauthenticated remote...
Moderate | Unreviewed | CVE-2024-6740 was published Jul 15, 2024

AguardNet Technology's Space Management System does not properly filter user input, allowing...
Moderate | Unreviewed | CVE-2024-6742 was published Jul 15, 2024

The wp-cart-for-digital-products WordPress plugin before 8.5.5 does not sanitise and escape a...
Moderate | Unreviewed | CVE-2024-6073 was published Jul 15, 2024

The wp-cart-for-digital-products WordPress plugin before 8.5.5 does not sanitise and escape a...
Moderate | Unreviewed | CVE-2024-6076 was published Jul 15, 2024

The wp-cart-for-digital-products WordPress plugin before 8.5.5 does not sanitise and escape a...
Moderate | Unreviewed | CVE-2024-6074 was published Jul 15, 2024

The session cookie in MailGates and MailAudit from Openfind does not have the HttpOnly flag...
Moderate | Unreviewed | CVE-2024-6739 was published Jul 15, 2024

The wp-cart-for-digital-products WordPress plugin before 8.5.5 does not escape the $_SERVER[...
Moderate | Unreviewed | CVE-2024-6072 was published Jul 15, 2024

IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 is vulnerable to cross-site scripting...
Moderate | Unreviewed | CVE-2024-39735 was published Jul 15, 2024

IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 is vulnerable to stored cross-site...
Moderate | Unreviewed | CVE-2024-39728 was published Jul 15, 2024

IBM InfoSphere Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows an...
Moderate | Unreviewed | CVE-2024-40690 was published Jul 12, 2024

A security vulnerability has been discovered in bootstrap that could enable Cross-Site Scripting...
Moderate | Unreviewed | CVE-2024-6485 was published Jul 11, 2024

A vulnerability has been identified in Bootstrap that exposes users to Cross-Site Scripting (XSS)...
Moderate | Unreviewed | CVE-2024-6484 was published Jul 11, 2024

A vulnerability has been identified in Bootstrap that exposes users to Cross-Site Scripting (XSS)...
Moderate | Unreviewed | CVE-2024-6531 was published Jul 11, 2024

A Stored Cross-Site Scripting (XSS) vulnerability exists in gaizhenbiao/chuanhuchatgpt version...
Critical | Unreviewed | CVE-2024-6035 was published Jul 11, 2024

CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate | Unreviewed | CVE-2024-6528 was published Jul 11, 2024

The Feeds for YouTube (YouTube video, channel, and gallery plugin) plugin for WordPress is...
Moderate | Unreviewed | CVE-2024-6256 was published Jul 11, 2024

The Secure Copy Content Protection and Content Locking WordPress plugin before 4.0.9 does not...
Moderate | Unreviewed | CVE-2024-6138 was published Jul 11, 2024

The Slider by 10Web WordPress plugin before 1.2.56 does not sanitise and escape some of its...
Moderate | Unreviewed | CVE-2024-6026 was published Jul 11, 2024

The Ultimate Blocks WordPress plugin before 3.1.9 does not validate and escape some of its block...
Moderate | Unreviewed | CVE-2024-4655 was published Jul 11, 2024

The Quiz and Survey Master (QSM) WordPress plugin before 9.0.5 does not sanitise and escape some...
Moderate | Unreviewed | CVE-2024-6025 was published Jul 11, 2024

ProTip! Advisories are also available from the GraphQL API.