GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
131 advisories
Filter by severity
IBM Cognos Analytics 11.2.0 through 11.2.4 and 12.0.0 through 12.0.3 is vulnerable to HTML...
Moderate
Unreviewed
CVE-2024-41752
was published
Dec 18, 2024
The Learning Management System, eLearning, Course Builder, WordPress LMS Plugin – Sikshya LMS...
Moderate
Unreviewed
CVE-2024-12127
was published
Dec 17, 2024
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in...
Moderate
Unreviewed
CVE-2024-54223
was published
Dec 9, 2024
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in...
Moderate
Unreviewed
CVE-2023-47869
was published
Dec 9, 2024
HCL DevOps Deploy / HCL Launch is vulnerable to HTML injection. This vulnerability may allow a...
Low
Unreviewed
CVE-2024-42195
was published
Dec 5, 2024
A vulnerability in the web-based interface of Cisco Webex Teams could allow an authenticated...
Moderate
Unreviewed
CVE-2020-26067
was published
Nov 18, 2024
The Mapster WP Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
Moderate
Unreviewed
CVE-2024-10592
was published
Nov 16, 2024
A vulnerability in the web-based interface of Cisco Webex Meetings could allow an...
Moderate
Unreviewed
CVE-2022-20654
was published
Nov 15, 2024
The WP-Strava plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin...
Moderate
Unreviewed
CVE-2024-10038
was published
Nov 13, 2024
The Simple Shortcode for Google Maps plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate
Unreviewed
CVE-2024-10621
was published
Nov 8, 2024
A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure...
Moderate
Unreviewed
CVE-2024-20504
was published
Nov 6, 2024
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in...
Moderate
Unreviewed
CVE-2024-9147
was published
Nov 4, 2024
The SEUR Oficial plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ...
Moderate
Unreviewed
CVE-2024-9438
was published
Oct 29, 2024
A vulnerability in the VPN web client services feature of Cisco Adaptive Security Appliance (ASA)...
Moderate
Unreviewed
CVE-2024-20382
was published
Oct 23, 2024
A vulnerability in the VPN web client services feature of Cisco Adaptive Security Appliance (ASA)...
Moderate
Unreviewed
CVE-2024-20341
was published
Oct 23, 2024
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in...
High
Unreviewed
CVE-2024-44061
was published
Oct 20, 2024
A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone...
Moderate
Unreviewed
CVE-2024-20460
was published
Oct 16, 2024
A stored cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IQ...
Moderate
Unreviewed
CVE-2024-47139
was published
Oct 16, 2024
There is an HTML injection vulnerability in Esri Portal for ArcGIS versions 11.0 and below that...
Moderate
Unreviewed
CVE-2024-38039
was published
Oct 4, 2024
The Broken Link Checker plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due...
High
Unreviewed
CVE-2024-8981
was published
Oct 1, 2024
The Store Hours for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site...
Moderate
Unreviewed
CVE-2024-8872
was published
Sep 26, 2024
The MC4WP: Mailchimp for WordPress plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate
Unreviewed
CVE-2024-8680
was published
Sep 21, 2024
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in TE...
High
Unreviewed
CVE-2024-2010
was published
Sep 12, 2024
XSS in the view page with the SLA column configured in Checkmk versions prior to 2.3.0p14, 2.2...
Moderate
Unreviewed
CVE-2024-38859
was published
Aug 26, 2024
A vulnerability, which was classified as problematic, has been found in ClassCMS 4.8. Affected by...
Moderate
Unreviewed
CVE-2024-8145
was published
Aug 25, 2024
ProTip!
Advisories are also available from the
GraphQL API