Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

29,044 advisories

Loading
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed
CVE-2024-51780 was published Nov 9, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed
CVE-2024-51781 was published Nov 9, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed
CVE-2024-51763 was published Nov 9, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed
CVE-2024-51762 was published Nov 9, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed
CVE-2024-10676 was published Nov 9, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed
CVE-2024-51783 was published Nov 9, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed
CVE-2024-51784 was published Nov 9, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-51786 was published Nov 9, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed
CVE-2024-51782 was published Nov 9, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-51787 was published Nov 9, 2024
The Charitable – Donation Plugin for WordPress – Fundraising with Recurring Donations & More... Moderate Unreviewed
CVE-2024-10876 was published Nov 9, 2024
The Contact Form 7 – PayPal & Stripe Add-on plugin for WordPress is vulnerable to Reflected Cross... Moderate Unreviewed
CVE-2024-10683 was published Nov 9, 2024
The Landing Page Cat – Coming Soon Page, Maintenance Page & Squeeze Pages plugin for WordPress is... Moderate Unreviewed
CVE-2024-9226 was published Nov 9, 2024
The Cowidgets – Elementor Addons plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2024-8960 was published Nov 9, 2024
The Lenxel Core for Lenxel(LNX) LMS plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2024-9270 was published Nov 9, 2024
The Anih - Creative Agency WordPress Theme theme for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2024-9775 was published Nov 9, 2024
A Reflected Cross-Site Scripting (XSS) vulnerability has been identified in OpenText ArcSight... High Unreviewed
CVE-2024-9841 was published Nov 8, 2024
The Elementor Header & Footer Builder plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2024-10325 was published Nov 8, 2024
The myCred – Loyalty Points and Rewards plugin for WordPress and WooCommerce – Give Points, Ranks... Moderate Unreviewed
CVE-2024-10187 was published Nov 8, 2024
The Easy SVG Support plugin for WordPress is vulnerable to Stored Cross-Site Scripting via REST... Moderate Unreviewed
CVE-2024-10269 was published Nov 8, 2024
The Registrations for the Events Calendar WordPress plugin before 2.12.4 does not sanitise and... Critical Unreviewed
CVE-2024-7982 was published Nov 8, 2024
Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site... Moderate Unreviewed
CVE-2024-49523 was published Nov 8, 2024
Adobe Experience Manager versions 6.5.20 and earlier are affected by a DOM-based Cross-Site... Moderate Unreviewed
CVE-2024-49524 was published Nov 8, 2024
Inconsistent <plaintext> tag parsing allows for XSS in Froala WYSIWYG editor 4.3.0 and earlier. Moderate Unreviewed
CVE-2024-51434 was published Nov 8, 2024
The NLL com.nll.cb (aka ACR Phone) application through 0.330-playStore-NoAccessibility-arm8 for... Moderate Unreviewed
CVE-2024-36064 was published Nov 8, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database