GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,746
Erlang: 35
GitHub Actions: 29
Go: 2,319
Maven: 5,000+
npm: 3,955
NuGet: 712
pip: 3,736
Pub: 12
RubyGems: 920
Rust: 972
Swift: 38
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
31,227 advisories
A vulnerability, which was classified as problematic, was found in Acumos Design Studio up to 2.0...
Moderate | Unreviewed | CVE-2018-25097 was published Jan 2, 2024
A vulnerability was found in rt-prettyphoto Plugin up to 1.2 on WordPress and classified as...
Moderate | Unreviewed | CVE-2015-10128 was published Jan 2, 2024
A vulnerability has been found in Zimbra zm-ajax up to 8.8.1 and classified as problematic....
Low | Unreviewed | CVE-2017-20188 was published Jan 2, 2024
A vulnerability was found in RRJ Nueva Ecija Engineer Online Portal 1.0. It has been declared as...
Low | Unreviewed | CVE-2024-0184 was published Jan 2, 2024
A vulnerability was found in RRJ Nueva Ecija Engineer Online Portal 1.0. It has been declared as...
Low | Unreviewed | CVE-2024-0181 was published Jan 1, 2024
The Html5 Video Player WordPress plugin before 2.5.19 does not sanitise and escape some of its...
Moderate | Unreviewed | CVE-2023-6485 was published Jan 1, 2024
The Popup Builder WordPress plugin before 4.2.3 does not prevent simple visitors from updating...
Moderate | Unreviewed | CVE-2023-6000 was published Jan 1, 2024
The WP TripAdvisor Review Slider WordPress plugin before 11.9 does not sanitise and escape some...
Moderate | Unreviewed | CVE-2023-6037 was published Jan 1, 2024
FlyCms through abbaa5a allows XSS via the permission management feature.
Moderate | Unreviewed | CVE-2024-21732 was published Jan 1, 2024
MDaemon SecurityGateway through 9.0.3 allows XSS via a crafted Message Content Filtering rule....
Moderate | Unreviewed | CVE-2023-52269 was published Dec 31, 2023
The beesblog (aka Bees Blog) component before 1.6.2 for thirty bees allows Reflected XSS because...
Moderate | Unreviewed | CVE-2023-52264 was published Dec 31, 2023
IDURAR (aka idurar-erp-crm) through 2.0.1 allows stored XSS via a PATCH request with a crafted...
Moderate | Unreviewed | CVE-2023-52265 was published Dec 31, 2023
A vulnerability, which was classified as problematic, was found in PHPGurukul Hospital Management...
Moderate | Unreviewed | CVE-2023-7173 was published Dec 30, 2023
LogoBee 0.2 allows updates.php?id= XSS.
Moderate | Unreviewed | CVE-2023-52257 was published Dec 30, 2023
The Kantega SAML SSO OIDC Kerberos Single Sign-on apps before 6.20.0 for Atlassian products allow...
Moderate | Unreviewed | CVE-2023-52240 was published Dec 30, 2023
WireMock with GUI versions 3.2.0.0 through 3.0.4.0 are vulnerable to stored cross-site scripting ...
Moderate | Unreviewed | CVE-2023-50069 was published Dec 29, 2023
A vulnerability was found in Novel-Plus up to 4.2.0. It has been declared as problematic....
Low | Unreviewed | CVE-2023-7171 was published Dec 29, 2023
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Low | Unreviewed | CVE-2023-41814 was published Dec 29, 2023
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Low | Unreviewed | CVE-2023-41813 was published Dec 29, 2023
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate | Unreviewed | CVE-2023-51399 was published Dec 29, 2023
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
High | Unreviewed | CVE-2023-50893 was published Dec 29, 2023
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate | Unreviewed | CVE-2023-51396 was published Dec 29, 2023
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
High | Unreviewed | CVE-2023-50892 was published Dec 29, 2023
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate | Unreviewed | CVE-2023-51397 was published Dec 29, 2023
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate | Unreviewed | CVE-2023-50891 was published Dec 29, 2023
ProTip! Advisories are also available from the GraphQL API.