GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
114 advisories
Filter by severity
IBM Cognos Analytics 11.2.0 through 11.2.4 and 12.0.0 through 12.0.3 is vulnerable to HTML...
Moderate
Unreviewed
CVE-2024-41752
was published
Dec 18, 2024
The Learning Management System, eLearning, Course Builder, WordPress LMS Plugin – Sikshya LMS...
Moderate
Unreviewed
CVE-2024-12127
was published
Dec 17, 2024
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in...
Moderate
Unreviewed
CVE-2024-54223
was published
Dec 9, 2024
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in...
Moderate
Unreviewed
CVE-2023-47869
was published
Dec 9, 2024
A vulnerability in the web-based interface of Cisco Webex Teams could allow an authenticated...
Moderate
Unreviewed
CVE-2020-26067
was published
Nov 18, 2024
The Mapster WP Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
Moderate
Unreviewed
CVE-2024-10592
was published
Nov 16, 2024
A vulnerability in the web-based interface of Cisco Webex Meetings could allow an...
Moderate
Unreviewed
CVE-2022-20654
was published
Nov 15, 2024
The WP-Strava plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin...
Moderate
Unreviewed
CVE-2024-10038
was published
Nov 13, 2024
The Simple Shortcode for Google Maps plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate
Unreviewed
CVE-2024-10621
was published
Nov 8, 2024
A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure...
Moderate
Unreviewed
CVE-2024-20504
was published
Nov 6, 2024
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in...
Moderate
Unreviewed
CVE-2024-9147
was published
Nov 4, 2024
The SEUR Oficial plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ...
Moderate
Unreviewed
CVE-2024-9438
was published
Oct 29, 2024
A vulnerability in the VPN web client services feature of Cisco Adaptive Security Appliance (ASA)...
Moderate
Unreviewed
CVE-2024-20382
was published
Oct 23, 2024
A vulnerability in the VPN web client services feature of Cisco Adaptive Security Appliance (ASA)...
Moderate
Unreviewed
CVE-2024-20341
was published
Oct 23, 2024
A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone...
Moderate
Unreviewed
CVE-2024-20460
was published
Oct 16, 2024
A stored cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IQ...
Moderate
Unreviewed
CVE-2024-47139
was published
Oct 16, 2024
There is an HTML injection vulnerability in Esri Portal for ArcGIS versions 11.0 and below that...
Moderate
Unreviewed
CVE-2024-38039
was published
Oct 4, 2024
The Store Hours for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site...
Moderate
Unreviewed
CVE-2024-8872
was published
Sep 26, 2024
The MC4WP: Mailchimp for WordPress plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate
Unreviewed
CVE-2024-8680
was published
Sep 21, 2024
XSS in the view page with the SLA column configured in Checkmk versions prior to 2.3.0p14, 2.2...
Moderate
Unreviewed
CVE-2024-38859
was published
Aug 26, 2024
A vulnerability, which was classified as problematic, has been found in ClassCMS 4.8. Affected by...
Moderate
Unreviewed
CVE-2024-8145
was published
Aug 25, 2024
The Responsive video plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
Moderate
Unreviewed
CVE-2024-7629
was published
Aug 21, 2024
Priority - CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
Moderate
Unreviewed
CVE-2024-41697
was published
Aug 20, 2024
Mashov - CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
Moderate
Unreviewed
CVE-2024-41693
was published
Jul 30, 2024
Cross Site Scripting vulnerability in Eskooly Web Product v.3.0 and before allows a remote...
Moderate
Unreviewed
CVE-2024-27716
was published
Jul 5, 2024
ProTip!
Advisories are also available from the
GraphQL API