Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

29,187 advisories

Loading
The Hide My WP Ghost – Security & Firewall plugin for WordPress is vulnerable to Reflected Cross... Moderate Unreviewed
CVE-2024-10825 was published Nov 15, 2024
The Yotpo: Product & Photo Reviews for WooCommerce plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-9356 was published Nov 15, 2024
The WP Activity Log plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... High Unreviewed
CVE-2024-10793 was published Nov 15, 2024
Cross-site scripting vulnerability exists in FitNesse releases prior to 20241026. If this... Moderate Unreviewed
CVE-2024-39610 was published Nov 15, 2024
The WP AdCenter – Ad Manager & Adsense Ads plugin for WordPress is vulnerable to Stored Cross... Moderate Unreviewed
CVE-2024-10113 was published Nov 15, 2024
The Tripetto plugin for WordPress is vulnerable to Stored Cross-Site Scripting via File uploads... High Unreviewed
CVE-2024-10260 was published Nov 15, 2024
The LearnPress Export Import – WordPress extension for LearnPress plugin for WordPress is... Moderate Unreviewed
CVE-2024-9609 was published Nov 15, 2024
Cross Site Scripting vulnerability in Virtuozzo Hybrid Server for WHMCS Open Source v.1.7.1... Moderate Unreviewed
CVE-2024-40579 was published Nov 15, 2024
A Stored Cross-Site Scripting (XSS) vulnerability was found in /lms/admin/school_year.php of... Moderate Unreviewed
CVE-2024-50842 was published Nov 14, 2024
A Stored Cross-Site Scripting (XSS) vulnerability was found in /lms/admin/admin_user.php in... Moderate Unreviewed
CVE-2024-50837 was published Nov 14, 2024
A Stored Cross-Site Scripting (XSS) vulnerability was found in /lms/admin/calendar_of_events.php... Moderate Unreviewed
CVE-2024-50841 was published Nov 14, 2024
Improper Neutralization of Input During Web Page Generation vulnerability in DInGO dLibra... Moderate Unreviewed
CVE-2024-7124 was published Nov 14, 2024
An issue has been discovered in GitLab CE/EE affecting all versions from 16 before 17.3.7, 17.4... Moderate Unreviewed
CVE-2024-8648 was published Nov 14, 2024
An issue has been discovered in GitLab CE/EE affecting all versions from 17.3 before 17.3.7, 17.4... Moderate Unreviewed
CVE-2024-8180 was published Nov 14, 2024
IBM Security ReaQta 3.12 is vulnerable to cross-site scripting. This vulnerability allows a... Low Unreviewed
CVE-2024-45099 was published Nov 14, 2024
A cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software enables an... Moderate Unreviewed
CVE-2024-5920 was published Nov 14, 2024
VaeMendis - CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site... High Unreviewed
CVE-2024-45254 was published Nov 14, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-7787 was published Nov 14, 2024
A stored Cross-site Scripting vulnerability has been discovered in Sonatype Nexus Repository 2 ... Moderate Unreviewed
CVE-2024-5083 was published Nov 14, 2024
Stored XSS vulnerability in Jenkins Authorize Project Plugin High
CVE-2024-52552 was published for org.jenkins-ci.plugins:authorize-project (Maven) Nov 13, 2024
UnoPim Stored XSS : Cookie hijacking through Create User function Moderate
CVE-2024-52305 was published for unopim/unopim (Composer) Nov 13, 2024
yamerooo123
A vulnerability was found in Public CMS 5.202406.d and classified as problematic. This issue... Moderate Unreviewed
CVE-2024-11175 was published Nov 13, 2024
A Reflected cross-site scripting (XSS) vulnerability in browse.php of Code-projects Jonnys Liquor... Moderate Unreviewed
CVE-2024-50969 was published Nov 13, 2024
decidim-meetings Cross-site scripting vulnerability in the online or hybrid meeting embeds Moderate
CVE-2024-45594 was published for decidim-meetings (RubyGems) Nov 13, 2024
whotwagner
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-9477 was published Nov 13, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database