GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+
26,385 advisories
Filter by severity
Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain a...
Moderate
Unreviewed
CVE-2024-28973
was published
Jun 26, 2024
DSpace Cross Site Scripting (XSS) via a deposited HTML/XML document
Low
CVE-2024-38364
was published
for
org.dspace:dspace-server-webapp
(Maven)
Jun 25, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-31111
was published
Jun 25, 2024
Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site...
Moderate
Unreviewed
CVE-2024-34141
was published
Jun 25, 2024
Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site...
Moderate
Unreviewed
CVE-2024-34142
was published
Jun 25, 2024
A Cross-Site Scripting (XSS) vulnerability on the My Cloud, My Cloud Home, SanDisk ibi, and WD...
Unknown
Unreviewed
CVE-2024-22168
was published
Jun 25, 2024
Cross Site Scripting vulnerability in Hangzhou Meisoft Information Technology Co., Ltd. Finesoft...
Moderate
Unreviewed
CVE-2024-37679
was published
Jun 24, 2024
Hangzhou Meisoft Information Technology Co., Ltd. FineSoft <=8.0 is affected by Cross Site...
Moderate
Unreviewed
CVE-2024-37680
was published
Jun 24, 2024
Cross Site Scripting vulnerability in Anchor CMS v.0.12.7 allows a remote attacker to execute...
Moderate
Unreviewed
CVE-2024-37732
was published
Jun 24, 2024
Zoho ManageEngine ITOM products versions from 128234 to 128248 are affected by the stored cross...
Moderate
Unreviewed
CVE-2024-36038
was published
Jun 24, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-4754
was published
Jun 24, 2024
Cross site scripting in Apache JSPWiki
Moderate
CVE-2024-27136
was published
for
org.apache.jspwiki:jspwiki-main
(Maven)
Jun 24, 2024
A vulnerability was found in SourceCodester Clinic Queuing System 1.0. It has been declared as...
Moderate
Unreviewed
CVE-2024-6273
was published
Jun 24, 2024
A vulnerability classified as problematic was found in SourceCodester Service Provider Management...
Low
Unreviewed
CVE-2024-6267
was published
Jun 23, 2024
A vulnerability has been found in Zorlan SkyCaiji up to 2.8 and classified as problematic....
Low
Unreviewed
CVE-2024-6252
was published
Jun 22, 2024
Apache Allura's neighborhood settings are vulnerable to a stored XSS attack. Only neighborhood...
Unknown
Unreviewed
CVE-2024-38379
was published
Jun 22, 2024
Cross site scripting in opencart
Moderate
CVE-2024-21516
was published
for
opencart/opencart
(Composer)
Jun 22, 2024
Cross site scripting in opencart
Moderate
CVE-2024-21515
was published
for
opencart/opencart
(Composer)
Jun 22, 2024
Cross site scripting in opencart
Moderate
CVE-2024-21517
was published
for
opencart/opencart
(Composer)
Jun 22, 2024
The Grey Opaque theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’...
Moderate
Unreviewed
CVE-2024-5966
was published
Jun 22, 2024
The Mosaic theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘link’...
Moderate
Unreviewed
CVE-2024-5965
was published
Jun 22, 2024
The Flatsome theme for WordPress is vulnerable to Stored Cross-Site Scripting via the UX...
Moderate
Unreviewed
CVE-2024-5346
was published
Jun 22, 2024
The Orbit Fox by ThemeIsle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...
Moderate
Unreviewed
CVE-2024-2484
was published
Jun 22, 2024
The Table Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting...
Moderate
Unreviewed
CVE-2024-4313
was published
Jun 22, 2024
The Online Booking & Scheduling Calendar for WordPress by vcita plugin for WordPress is...
High
Unreviewed
CVE-2024-5791
was published
Jun 22, 2024
ProTip!
Advisories are also available from the
GraphQL API