GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
228,995 advisories
Filter by severity
Missing Authorization vulnerability in Codection Import and export users and customers.This issue...
Moderate
Unreviewed
CVE-2024-22151
was published
Jun 8, 2024
Missing Authorization vulnerability in Icegram.This issue affects Icegram: from n/a through 3.1.21.
Moderate
Unreviewed
CVE-2024-21748
was published
Jun 8, 2024
Cross-Site Request Forgery (CSRF) vulnerability in 10up ElasticPress.This issue affects...
Moderate
Unreviewed
CVE-2024-35684
was published
Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-35697
was published
Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-35701
was published
Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-35702
was published
Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-35699
was published
Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-35705
was published
Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-35698
was published
Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-35694
was published
Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-35703
was published
Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-35706
was published
Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-35704
was published
Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-35679
was published
Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-35695
was published
Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-35693
was published
Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-35696
was published
Jun 8, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Marketing Fire, LLC...
Moderate
Unreviewed
CVE-2024-35691
was published
Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-34765
was published
Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-35681
was published
Jun 8, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Analytify.This issue affects Analytify: from n...
Moderate
Unreviewed
CVE-2024-35689
was published
Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-35687
was published
Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-35688
was published
Jun 8, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Themeisle Otter...
Moderate
Unreviewed
CVE-2024-35682
was published
Jun 8, 2024
HCL Connections Docs is vulnerable to a cross-site scripting attack where an attacker may...
Moderate
Unreviewed
CVE-2023-45707
was published
Jun 8, 2024
ProTip!
Advisories are also available from the
GraphQL API