Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,300
Erlang
31
GitHub Actions
21
Go
2,069
Maven
5,000+
npm
3,744
NuGet
668
pip
3,429
Pub
12
RubyGems
892
Rust
880
Swift
36
Unreviewed advisories
All unreviewed
5,000+

30,745 advisories

Loading
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-56288 was published Jan 7, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-56285 was published Jan 7, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-56287 was published Jan 7, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2024-56289 was published Jan 7, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-56292 was published Jan 7, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-56293 was published Jan 7, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-56298 was published Jan 7, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2024-56296 was published Jan 7, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-56297 was published Jan 7, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2024-56299 was published Jan 7, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-22261 was published Jan 7, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-22293 was published Jan 7, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2024-49633 was published Jan 7, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2024-51700 was published Jan 7, 2025
The Service Box plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions... Moderate Unreviewed
CVE-2024-12699 was published Jan 7, 2025
The Estatik Mortgage Calculator plugin for WordPress is vulnerable to Reflected Cross-Site... Moderate Unreviewed
CVE-2024-9354 was published Jan 7, 2025
The Master Addons – Elementor Addons with White Label, Free Widgets, Hover Effects, Conditions, &... Moderate Unreviewed
CVE-2024-9502 was published Jan 7, 2025
The Booking Calendar and Booking Calendar Pro plugins for WordPress are vulnerable to Reflected... Moderate Unreviewed
CVE-2024-12077 was published Jan 7, 2025
Improper Neutralization of Input During CMS Backend (adminstrative section) Web Page Generation ... High Unreviewed
CVE-2024-11626 was published Jan 7, 2025
The Coupon Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed
CVE-2024-12516 was published Jan 7, 2025
The Solar Wizard Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed
CVE-2024-11764 was published Jan 7, 2025
The Sina Extension for Elementor plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2024-12624 was published Jan 7, 2025
The Marketplace Items plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed
CVE-2024-12437 was published Jan 7, 2025
The Bootstrap Blocks for WP Editor v2 plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2024-12495 was published Jan 7, 2025
The WP jQuery DataTable plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed
CVE-2024-12499 was published Jan 7, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database