Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

26,385 advisories

Loading
Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain a... Moderate Unreviewed
CVE-2024-28973 was published Jun 26, 2024
DSpace Cross Site Scripting (XSS) via a deposited HTML/XML document Low
CVE-2024-38364 was published for org.dspace:dspace-server-webapp (Maven) Jun 25, 2024
Xib3rR4dAr
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-31111 was published Jun 25, 2024
Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site... Moderate Unreviewed
CVE-2024-34141 was published Jun 25, 2024
Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site... Moderate Unreviewed
CVE-2024-34142 was published Jun 25, 2024
A Cross-Site Scripting (XSS) vulnerability on the My Cloud, My Cloud Home, SanDisk ibi, and WD... Unknown Unreviewed
CVE-2024-22168 was published Jun 25, 2024
Cross Site Scripting vulnerability in Hangzhou Meisoft Information Technology Co., Ltd. Finesoft... Moderate Unreviewed
CVE-2024-37679 was published Jun 24, 2024
Hangzhou Meisoft Information Technology Co., Ltd. FineSoft <=8.0 is affected by Cross Site... Moderate Unreviewed
CVE-2024-37680 was published Jun 24, 2024
Cross Site Scripting vulnerability in Anchor CMS v.0.12.7 allows a remote attacker to execute... Moderate Unreviewed
CVE-2024-37732 was published Jun 24, 2024
Zoho ManageEngine ITOM products versions from 128234 to 128248 are affected by the stored cross... Moderate Unreviewed
CVE-2024-36038 was published Jun 24, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-4754 was published Jun 24, 2024
Cross site scripting in Apache JSPWiki Moderate
CVE-2024-27136 was published for org.apache.jspwiki:jspwiki-main (Maven) Jun 24, 2024
A vulnerability was found in SourceCodester Clinic Queuing System 1.0. It has been declared as... Moderate Unreviewed
CVE-2024-6273 was published Jun 24, 2024
A vulnerability classified as problematic was found in SourceCodester Service Provider Management... Low Unreviewed
CVE-2024-6267 was published Jun 23, 2024
A vulnerability has been found in Zorlan SkyCaiji up to 2.8 and classified as problematic.... Low Unreviewed
CVE-2024-6252 was published Jun 22, 2024
Apache Allura's neighborhood settings are vulnerable to a stored XSS attack.  Only neighborhood... Unknown Unreviewed
CVE-2024-38379 was published Jun 22, 2024
Cross site scripting in opencart Moderate
CVE-2024-21516 was published for opencart/opencart (Composer) Jun 22, 2024
Cross site scripting in opencart Moderate
CVE-2024-21515 was published for opencart/opencart (Composer) Jun 22, 2024
Cross site scripting in opencart Moderate
CVE-2024-21517 was published for opencart/opencart (Composer) Jun 22, 2024
The Grey Opaque theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’... Moderate Unreviewed
CVE-2024-5966 was published Jun 22, 2024
The Mosaic theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘link’... Moderate Unreviewed
CVE-2024-5965 was published Jun 22, 2024
The Flatsome theme for WordPress is vulnerable to Stored Cross-Site Scripting via the UX... Moderate Unreviewed
CVE-2024-5346 was published Jun 22, 2024
The Orbit Fox by ThemeIsle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed
CVE-2024-2484 was published Jun 22, 2024
The Table Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed
CVE-2024-4313 was published Jun 22, 2024
The Online Booking & Scheduling Calendar for WordPress by vcita plugin for WordPress is... High Unreviewed
CVE-2024-5791 was published Jun 22, 2024
ProTip! Advisories are also available from the GraphQL API