GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,952
Composer 4,274
Erlang 31
GitHub Actions 21
Go 2,056
Maven 5,237
npm 3,740
NuGet 668
pip 3,419
Pub 12
RubyGems 891
Rust 872
Swift 36

Unreviewed advisories

All unreviewed 238,599

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

114 advisories

Filter by severity

Sort by

Least recently updated

IBM Cognos Analytics 11.2.0 through 11.2.4 and 12.0.0 through 12.0.3 is vulnerable to HTML... Moderate Unreviewed

CVE-2024-41752 was published Dec 18, 2024

The Learning Management System, eLearning, Course Builder, WordPress LMS Plugin – Sikshya LMS... Moderate Unreviewed

CVE-2024-12127 was published Dec 17, 2024

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in... Moderate Unreviewed

CVE-2024-54223 was published Dec 9, 2024

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in... Moderate Unreviewed

CVE-2023-47869 was published Dec 9, 2024

Stored XSS in graph rendering in Checkmk <2.3.0b4. Moderate Unreviewed

CVE-2024-2380 was published Apr 5, 2024

Stored XSS in the Crash Report page in Checkmk before versions 2.3.0p7, 2.2.0p28, 2.1.0p45, and 2... Moderate Unreviewed

CVE-2024-28832 was published Jun 25, 2024

Stored XSS in some confirmation pop-ups in Checkmk before versions 2.3.0p7 and 2.2.0p28 allows... Moderate Unreviewed

CVE-2024-28831 was published Jun 25, 2024

XSS in the view page with the SLA column configured in Checkmk versions prior to 2.3.0p14, 2.2... Moderate Unreviewed

CVE-2024-38859 was published Aug 26, 2024

A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC)... Moderate Unreviewed

CVE-2022-20740 was published May 4, 2022

A vulnerability in the web-based interface of Cisco Webex Teams could allow an authenticated... Moderate Unreviewed

CVE-2020-26067 was published Nov 18, 2024

A vulnerability, which was classified as problematic, was found in playSMS 1.4.3. Affected is an... Moderate Unreviewed

CVE-2024-6251 was published Jun 22, 2024

The Mapster WP Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2024-10592 was published Nov 16, 2024

A vulnerability in the web-based interface of Cisco Webex Meetings could allow an... Moderate Unreviewed

CVE-2022-20654 was published Nov 15, 2024

The WP-Strava plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin... Moderate Unreviewed

CVE-2024-10038 was published Nov 13, 2024

The Simple Shortcode for Google Maps plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2024-10621 was published Nov 8, 2024

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in... Moderate Unreviewed

CVE-2024-9147 was published Nov 4, 2024

A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure... Moderate Unreviewed

CVE-2024-20504 was published Nov 6, 2024

A vulnerability in the VPN web client services feature of Cisco Adaptive Security Appliance (ASA)... Moderate Unreviewed

CVE-2024-20341 was published Oct 23, 2024

A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone... Moderate Unreviewed

CVE-2024-20460 was published Oct 16, 2024

The SEUR Oficial plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2024-9438 was published Oct 29, 2024

A vulnerability in the VPN web client services feature of Cisco Adaptive Security Appliance (ASA)... Moderate Unreviewed

CVE-2024-20382 was published Oct 23, 2024

A stored cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IQ... Moderate Unreviewed

CVE-2024-47139 was published Oct 16, 2024

There is an HTML injection vulnerability in Esri Portal for ArcGIS versions 11.0 and below that... Moderate Unreviewed

CVE-2024-38039 was published Oct 4, 2024

The Store Hours for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site... Moderate Unreviewed

CVE-2024-8872 was published Sep 26, 2024

The Responsive video plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2024-7629 was published Aug 21, 2024

Previous 1 2 3 4 5 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

114 advisories