GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,968
Erlang: 39
GitHub Actions: 38
Go: 2,616
Maven: 5,000+
npm: 4,255
NuGet: 760
pip: 4,040
Pub: 12
RubyGems: 953
Rust: 1,050
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+

            38,128 advisories
Concrete CMS vulnerable to Stored Cross-site Scripting
Moderate | CVE-2024-4353 was published for concrete5/concrete5 (Composer) Aug 1, 2024

A vulnerability was found in SourceCodester Tracking Monitoring Management System 1.0. It has...
Moderate | Unreviewed | CVE-2024-7359 was published Aug 1, 2024

The Element Pack - Addon for Elementor Page Builder WordPress Plugin plugin for WordPress is...
Moderate | Unreviewed | CVE-2024-2455 was published Aug 1, 2024

The Gutenberg Blocks, Page Builder – ComboBlocks plugin for WordPress is vulnerable to Stored...
Moderate | Unreviewed | CVE-2024-6346 was published Aug 1, 2024

The Breakdance plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
Moderate | Unreviewed | CVE-2024-5330 was published Aug 1, 2024

The Blog2Social: Social Media Auto Post & Scheduler plugin for WordPress is vulnerable to Stored...
Moderate | Unreviewed | CVE-2024-7302 was published Aug 1, 2024

The Ultimate Classified Listings WordPress plugin before 1.4 does not sanitise and escape a...
High | Unreviewed | CVE-2024-6529 was published Aug 1, 2024

The socialdriver-framework WordPress plugin before 2024.04.30 does not sanitise and escape some...
Moderate | Unreviewed | CVE-2024-2872 was published Aug 1, 2024

A vulnerability was found in Baidu UEditor 1.4.2. It has been declared as problematic. This...
Moderate | Unreviewed | CVE-2024-7343 was published Aug 1, 2024

The Floating Notification Bar, Sticky Menu on Scroll, Announcement Banner, and Sticky Header for...
Moderate | Unreviewed | CVE-2024-4090 was published Aug 1, 2024

Stored XSS vulnerability has been discovered in OpenText™ Filr product, affecting versions 24.1.1...
Low | Unreviewed | CVE-2024-4187 was published Jul 31, 2024

ZITADEL has improper HTML sanitization in emails and Console UI
Moderate | CVE-2024-41953 was published for github.com/zitadel/zitadel (Go) Jul 31, 2024

eZ Platform Admin UI vulnerable to DOM-based Cross-site Scripting in file upload widget
Moderate | GHSA-gc5h-6jx9-q2qh was published for ezsystems/ezplatform-admin-ui (Composer) Jul 31, 2024

XWiki Platform vulnerable to Cross-Site Scripting (XSS) through conflict resolution
Critical | CVE-2024-41947 was published for org.xwiki.platform:xwiki-platform-web-templates (Maven) Jul 31, 2024

A “CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')”...
High | Unreviewed | CVE-2024-31199 was published Jul 31, 2024

The Download Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
Moderate | Unreviewed | CVE-2024-6208 was published Jul 31, 2024

Ibexa Admin UI vulnerable to DOM-based Cross-site Scripting in file upload widget
Moderate | CVE-2024-39318 was published for ibexa/admin-ui (Composer) Jul 31, 2024

A vulnerability classified as problematic was found in itsourcecode Online Blood Bank Management...
Moderate | Unreviewed | CVE-2024-7321 was published Jul 31, 2024

A vulnerability was found in SourceCodester Record Management System 1.0. It has been classified...
Moderate | Unreviewed | CVE-2024-7309 was published Jul 31, 2024

A vulnerability was found in SourceCodester Record Management System 1.0. It has been declared as...
Moderate | Unreviewed | CVE-2024-7310 was published Jul 31, 2024

The Formidable Forms – Contact Form Plugin, Survey, Quiz, Payment, Calculator Form & Custom Form...
Moderate | Unreviewed | CVE-2024-6725 was published Jul 31, 2024

A vulnerability was found in itsourcecode Online Blood Bank Management System 1.0. It has been...
Moderate | Unreviewed | CVE-2024-7303 was published Jul 31, 2024

Bolt CMS Cross-site Scripting vulnerability
Moderate | CVE-2024-7300 was published for bolt/bolt (Composer) Jul 31, 2024

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Bolt CMS 3.7.1. It has been rated as...
Moderate | Unreviewed | CVE-2024-7299 was published Jul 31, 2024

The SpiderContacts WordPress plugin through 1.1.7 does not sanitise and escape a parameter before...
Moderate | Unreviewed | CVE-2024-6272 was published Jul 31, 2024

ProTip! Advisories are also available from the GraphQL API