Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,743
Erlang
35
GitHub Actions
29
Go
2,315
Maven
5,000+
npm
3,949
NuGet
711
pip
3,729
Pub
12
RubyGems
920
Rust
965
Swift
38
Unreviewed advisories
All unreviewed
5,000+

34,836 advisories

Loading
The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed
CVE-2024-1160 was published Feb 13, 2024
The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed
CVE-2024-1157 was published Feb 13, 2024
SAP Companion - version <3.1.38, has a URL with parameter that could be vulnerable to XSS attack.... Moderate Unreviewed
CVE-2024-22129 was published Feb 13, 2024
SAP CRM WebClient UI - version S4FND 102, S4FND 103, S4FND 104, S4FND 105, S4FND 106, WEBCUIF 701... Moderate Unreviewed
CVE-2024-24742 was published Feb 13, 2024
Print preview option in SAP CRM WebClient UI - versions S4FND 102, S4FND 103, S4FND 104, S4FND... High Unreviewed
CVE-2024-22130 was published Feb 13, 2024
A cross-site scripting (XSS) vulnerability in Gestsup v3.2.46 allows attackers to execute... Moderate Unreviewed
CVE-2023-52059 was published Feb 13, 2024
SAP NWBC for HTML - versions SAP_UI 754, SAP_UI 755, SAP_UI 756, SAP_UI 757, SAP_UI 758,... Moderate Unreviewed
CVE-2024-22128 was published Feb 13, 2024
The User Admin application of SAP NetWeaver AS for Java - version 7.50, insufficiently validates... High Unreviewed
CVE-2024-22126 was published Feb 13, 2024
caddy-security plugin for Caddy vulnerable to reflected Cross-site Scripting Moderate
CVE-2023-52430 was published for github.com/greenpau/caddy-security (Go) Feb 13, 2024
Dell Unity, versions prior to 5.4, contains a cross-site scripting (XSS) vulnerability. An... Moderate Unreviewed
CVE-2024-0169 was published Feb 12, 2024
Dell Unity, versions prior to 5.4, contains a Cross-site scripting vulnerability. An... Moderate Unreviewed
CVE-2024-22230 was published Feb 12, 2024
The MapPress Maps for WordPress plugin before 2.88.15 does not sanitize and escape the map title... Moderate Unreviewed
CVE-2024-0420 was published Feb 12, 2024
The Popup Box WordPress plugin before 20.9.0 does not sanitise and escape some of its settings,... Moderate Unreviewed
CVE-2023-6591 was published Feb 12, 2024
The GigPress WordPress plugin through 2.3.29 does not sanitise and escape some of its settings,... Moderate Unreviewed
CVE-2023-7233 was published Feb 12, 2024
The chartjs WordPress plugin through 2023.2 does not sanitise and escape some of its settings,... Moderate Unreviewed
CVE-2023-6081 was published Feb 12, 2024
The chartjs WordPress plugin through 2023.2 does not sanitise and escape some of its settings,... Moderate Unreviewed
CVE-2023-6082 was published Feb 12, 2024
User ID references at mentions in document comments were not correctly sanitized. Script code... Moderate Unreviewed
CVE-2023-41703 was published Feb 12, 2024
References to the "app loader" functionality could contain redirects to unexpected locations.... Moderate Unreviewed
CVE-2023-41708 was published Feb 12, 2024
Processing of CID references at E-Mail can be abused to inject malicious script code that passes... High Unreviewed
CVE-2023-41704 was published Feb 12, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2023-47526 was published Feb 12, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2023-50875 was published Feb 12, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2023-51403 was published Feb 12, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-24889 was published Feb 12, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2023-51370 was published Feb 12, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-24930 was published Feb 12, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database