GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,713
Composer 4,743
Erlang 35
GitHub Actions 29
Go 2,315
Maven 5,600
npm 3,949
NuGet 711
pip 3,729
Pub 12
RubyGems 920
Rust 965
Swift 38

Unreviewed advisories

All unreviewed 257,525

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

34,843 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

An issue was discovered in LIVEBOX Collaboration vDesk through v018. Stored Cross-site Scripting ... Moderate Unreviewed

CVE-2022-45176 was published Jun 10, 2024

The Newspaper theme for WordPress is vulnerable to Stored Cross-Site Scripting via attachment... Moderate Unreviewed

CVE-2024-3815 was published Jun 15, 2024

ExpressionEngine before 7.4.11 allows XSS. Moderate Unreviewed

CVE-2024-38454 was published Jun 16, 2024

The Jeg Elementor Kit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2024-4479 was published Jun 15, 2024

The tagDiv Composer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2024-3814 was published Jun 15, 2024

Cross Site Scripting vulnerability in TWCMS v.2.0.3 allows a remote attacker to execute arbitrary... Moderate Unreviewed

CVE-2024-37878 was published Jun 12, 2024

A vulnerability in the web-based management interface of EdgeConnect SD-WAN Orchestrator could... High Unreviewed

CVE-2024-41914 was published Jul 24, 2024

There is a cross-site scripting vulnerability in the Secure Access administrative console of... Moderate Unreviewed

CVE-2024-40873 was published Jul 25, 2024

IBM Security Directory Integrator 7.2.0 and IBM Security Verify Directory Integrator 10.0.0 is... Moderate Unreviewed

CVE-2024-28772 was published Jul 25, 2024

A vulnerability within the web-based management interface of EdgeConnect SD-WAN Orchestrator... Moderate Unreviewed

CVE-2024-22444 was published Jul 24, 2024

The CM Popup Plugin for WordPress WordPress plugin before 1.6.6 does not sanitise and escape... Moderate Unreviewed

CVE-2024-5004 was published Jul 22, 2024

The WP QuickLaTeX WordPress plugin before 3.8.8 does not sanitise and escape some of its settings... Moderate Unreviewed

CVE-2024-5529 was published Jul 22, 2024

The HTML Forms WordPress plugin before 1.3.33 does not sanitize and escape the form message... Moderate Unreviewed

CVE-2024-6243 was published Jul 22, 2024

The Clever Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed

CVE-2024-2350 was published Jun 6, 2024

The social-warfare plugin before 3.5.3 for WordPress has stored XSS via the wp-admin/admin-post... Moderate Unreviewed

CVE-2019-9978 was published May 13, 2022

A cross site scripting vulnerability exists in GitLab CE/EE affecting all versions from 16.6... High Unreviewed

CVE-2024-7047 was published Jul 25, 2024

The WP Secure Maintenance WordPress plugin before 1.7 does not sanitise and escape some of its... Moderate Unreviewed

CVE-2024-4753 was published Jul 12, 2024

The Watu Quiz WordPress plugin before 3.4.1.2 does not sanitise and escape some of its settings,... Moderate Unreviewed

CVE-2024-2640 was published Jul 12, 2024

The Simple Video Directory WordPress plugin before 1.4.4 does not sanitise and escape some of its... Moderate Unreviewed

CVE-2024-5811 was published Jul 12, 2024

The Website Content in Page or Post WordPress plugin before 2024.04.09 does not validate and... Moderate Unreviewed

CVE-2024-2430 was published Jul 12, 2024

The Inline Related Posts WordPress plugin before 3.7.0 does not sanitise and escape a parameter... Moderate Unreviewed

CVE-2024-5626 was published Jul 12, 2024

The Qi Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed

CVE-2024-4364 was published Jun 6, 2024

The Themesflat Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2024-4458 was published Jun 6, 2024

The Themesflat Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2024-2922 was published Jun 6, 2024

The Rotating Tweets (Twitter widget and shortcode) plugin for WordPress is vulnerable to Stored... Moderate Unreviewed

CVE-2024-5141 was published Jun 6, 2024

Previous 1 2 … 396 397 398 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

34,843 advisories