GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+
26,385 advisories
Filter by severity
Cross Site Scripting vulnerability in Tessi Docubase Document Management product 5.x allows a...
Moderate
Unreviewed
CVE-2024-37675
was published
Jun 21, 2024
Cross Site Scripting vulnerability in Tessi Docubase Document Management product 5.x allows a...
Moderate
Unreviewed
CVE-2024-37673
was published
Jun 21, 2024
Cross Site Scripting vulnerability in Tessi Docubase Document Management product 5.x allows a...
Moderate
Unreviewed
CVE-2024-37672
was published
Jun 21, 2024
Cross Site Scripting vulnerability in Tessi Docubase Document Management product 5.x allows a...
Moderate
Unreviewed
CVE-2024-37671
was published
Jun 21, 2024
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in...
Moderate
Unreviewed
CVE-2022-38055
was published
Jun 21, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-35766
was published
Jun 21, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-35761
was published
Jun 21, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-35763
was published
Jun 21, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-35762
was published
Jun 21, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-35760
was published
Jun 21, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-35757
was published
Jun 21, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-35758
was published
Jun 21, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-35759
was published
Jun 21, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-35768
was published
Jun 21, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-35764
was published
Jun 21, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-35774
was published
Jun 21, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-35769
was published
Jun 21, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-35779
was published
Jun 21, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-5058
was published
Jun 21, 2024
The Booking for Appointments and Events Calendar – Amelia plugin for WordPress is vulnerable to...
Moderate
Unreviewed
CVE-2024-6225
was published
Jun 21, 2024
The WP SVG Images plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘type...
Moderate
Unreviewed
CVE-2024-5945
was published
Jun 21, 2024
The Online Booking & Scheduling Calendar for WordPress by vcita plugin for WordPress is...
Moderate
Unreviewed
CVE-2024-5859
was published
Jun 21, 2024
The Branda – White Label WordPress, Custom Login Page Customizer plugin for WordPress is...
Moderate
Unreviewed
CVE-2024-5191
was published
Jun 21, 2024
The Widget Bundle WordPress plugin through 2.0.0 does not sanitise and escape some of its...
Moderate
Unreviewed
CVE-2024-4970
was published
Jun 21, 2024
The Widget Bundle WordPress plugin through 2.0.0 does not sanitise and escape a parameter before...
Moderate
Unreviewed
CVE-2024-4616
was published
Jun 21, 2024
ProTip!
Advisories are also available from the
GraphQL API