GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,746
Erlang: 35
GitHub Actions: 29
Go: 2,319
Maven: 5,000+
npm: 3,955
NuGet: 712
pip: 3,736
Pub: 12
RubyGems: 920
Rust: 972
Swift: 38

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
31,227 advisories

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
High | Unreviewed | CVE-2023-52213 was published Jan 8, 2024

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
High | Unreviewed | CVE-2023-52196 was published Jan 8, 2024

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate | Unreviewed | CVE-2023-52198 was published Jan 8, 2024

A Cross Site Scripting (XSS) vulnerability in GetSimple CMS 3.3.16 exists when using Source Code...
Moderate | Unreviewed | CVE-2023-51246 was published Jan 8, 2024

easyXDM 2.5 allows XSS via the xdm_e parameter.
Moderate | Unreviewed | CVE-2023-27739 was published Jan 8, 2024

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate | Unreviewed | CVE-2023-52197 was published Jan 8, 2024

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate | Unreviewed | CVE-2023-52203 was published Jan 8, 2024

Stud.IP 5.x through 5.3.3 allows XSS with resultant upload of executable files, because...
Critical | Unreviewed | CVE-2023-50982 was published Jan 8, 2024

The Email Subscription Popup WordPress plugin before 1.2.20 does not sanitise and escape a...
Moderate | Unreviewed | CVE-2023-6555 was published Jan 8, 2024

The WP Crowdfunding WordPress plugin before 2.1.9 does not sanitise and escape a parameter before...
Moderate | Unreviewed | CVE-2023-6161 was published Jan 8, 2024

The Essential Real Estate WordPress plugin before 4.4.0 does not apply proper capability checks...
Moderate | Unreviewed | CVE-2023-6141 was published Jan 8, 2024

The WP Go Maps (formerly WP Google Maps) WordPress plugin before 9.0.28 does not properly protect...
Moderate | Unreviewed | CVE-2023-6627 was published Jan 8, 2024

The WP Custom Cursors | WordPress Cursor Plugin WordPress plugin through 3.2 does not sanitise...
Moderate | Unreviewed | CVE-2023-5911 was published Jan 8, 2024

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate | Unreviewed | CVE-2024-21744 was published Jan 8, 2024

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate | Unreviewed | CVE-2024-21745 was published Jan 8, 2024

Users were able to define disclaimer texts for an upsell shop dialog that would contain script...
Moderate | Unreviewed | CVE-2023-29052 was published Jan 8, 2024

User-defined script code could be stored for a upsell related shop URL. This code was not...
Moderate | Unreviewed | CVE-2023-41710 was published Jan 8, 2024

The "upsell" widget at the portal page could be abused to inject arbitrary script code. Attackers...
Moderate | Unreviewed | CVE-2023-29049 was published Jan 8, 2024

A vulnerability, which was classified as problematic, has been found in Chanzhaoyu chatgpt-web 2...
Moderate | Unreviewed | CVE-2023-7215 was published Jan 8, 2024

A vulnerability was found in Kashipara Food Management System up to 1.0. It has been rated as...
Moderate | Unreviewed | CVE-2024-0284 was published Jan 7, 2024

A vulnerability, which was classified as problematic, was found in PHPGurukul Hospital Management...
Moderate | Unreviewed | CVE-2024-0286 was published Jan 7, 2024

A vulnerability was found in Kashipara Food Management System up to 1.0. It has been classified...
Moderate | Unreviewed | CVE-2024-0282 was published Jan 7, 2024

A vulnerability was found in Kashipara Food Management System up to 1.0. It has been declared as...
Moderate | Unreviewed | CVE-2024-0283 was published Jan 7, 2024

A vulnerability classified as problematic has been found in Project Worlds Online Lawyer...
Moderate | Unreviewed | CVE-2024-0266 was published Jan 7, 2024

A vulnerability was found in Online Job Portal 1.0 and classified as problematic. Affected by...
Low | Unreviewed | CVE-2024-0262 was published Jan 7, 2024

ProTip! Advisories are also available from the GraphQL API.