GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,562
Composer 4,198
Erlang 31
GitHub Actions 19
Go 1,986
Maven 5,163
npm 3,702
NuGet 660
pip 3,328
Pub 11
RubyGems 883
Rust 843
Swift 36

Unreviewed advisories

All unreviewed 233,847

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

25,776 advisories

Filter by severity

Sort by

Least recently updated

XSS Attack in mar.jar, Monitoring Archive Utility (MAR Utility), monitoringconsolecommon.jar in... Critical Unreviewed

CVE-2024-10217 was published Nov 12, 2024

Reflected XSS in Ivanti Connect Secure before version 22.7R2.1 and Ivanti Policy Secure before... High Unreviewed

CVE-2024-11004 was published Nov 12, 2024

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed

CVE-2024-10923 was published Nov 12, 2024

A vulnerability was found in ZZCMS up to 2023. It has been rated as problematic. Affected by this... Moderate Unreviewed

CVE-2024-11130 was published Nov 12, 2024

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All... Moderate Unreviewed

CVE-2024-50561 was published Nov 12, 2024

A vulnerability has been identified in OZW672 (All versions < V5.2), OZW772 (All versions < V5.2)... High Unreviewed

CVE-2024-36140 was published Nov 12, 2024

The Slickstream: Engagement and Conversions plugin for WordPress is vulnerable to Stored Cross... Moderate Unreviewed

CVE-2024-10179 was published Nov 12, 2024

The JetWidgets For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed

CVE-2024-10323 was published Nov 12, 2024

The Admin and Site Enhancements (ASE) plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2024-10790 was published Nov 12, 2024

The xili-tidy-tags plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2024-9357 was published Nov 12, 2024

A vulnerability was found in SourceCodester Hospital Management System 1.0. It has been rated as... Moderate Unreviewed

CVE-2024-11102 was published Nov 12, 2024

The Happy Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed

CVE-2024-10538 was published Nov 12, 2024

The Contact Form 7 Redirect & Thank You Page plugin for WordPress is vulnerable to Reflected... Moderate Unreviewed

CVE-2024-10685 was published Nov 12, 2024

Persistent and reflected XSS vulnerabilities in the themeMode cookie and _h URL parameter of... Moderate Unreviewed

CVE-2024-50601 was published Nov 12, 2024

Cross Site Scripting vulnerability in Online Shop Store v.1.0 allows a remote attacker to execute... Moderate Unreviewed

CVE-2024-51213 was published Nov 12, 2024

The NetAdmin IAM system (version 4.0.30319) has a Cross Site Scripting (XSS) vulnerability in the... Moderate Unreviewed

CVE-2024-51026 was published Nov 11, 2024

TRENDnet TEW-651BR 2.04B1, TEW-652BRP 3.04b01, and TEW-652BRU 1.00b12 devices contain a Store... Moderate Unreviewed

CVE-2024-51189 was published Nov 11, 2024

TRENDnet TEW-651BR 2.04B1, TEW-652BRP 3.04b01, and TEW-652BRU 1.00b12 devices contain a Store... Moderate Unreviewed

CVE-2024-51190 was published Nov 11, 2024

A vulnerability has been found in code-projects Job Recruitment 1.0 and classified as problematic... Moderate Unreviewed

CVE-2024-11078 was published Nov 11, 2024

TRENDnet TEW-651BR 2.04B1, TEW-652BRP 3.04b01, and TEW-652BRU 1.00b12 devices contain a Store... Moderate Unreviewed

CVE-2024-51187 was published Nov 11, 2024

TRENDnet TEW-651BR 2.04B1, TEW-652BRP 3.04b01, and TEW-652BRU 1.00b12 devices contain a Store... Moderate Unreviewed

CVE-2024-51188 was published Nov 11, 2024

IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to cross-site scripting. This... Moderate Unreviewed

CVE-2024-45087 was published Nov 11, 2024

IBM Maximo Asset Management 7.6.1.3 is vulnerable to stored cross-site scripting. This... Moderate Unreviewed

CVE-2024-45088 was published Nov 11, 2024

A flaw was found in moodle. H5P error messages require additional sanitizing to prevent a... Moderate Unreviewed

CVE-2024-43439 was published Nov 11, 2024

A vulnerability, which was classified as problematic, has been found in Sanluan PublicCMS 5... Moderate Unreviewed

CVE-2024-11070 was published Nov 11, 2024

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

25,776 advisories