Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

26,385 advisories

Loading
The PayPal Pay Now, Buy Now, Donation and Cart Buttons Shortcode WordPress plugin through 1.7... Moderate Unreviewed
CVE-2024-5447 was published Jun 21, 2024
The PayPal Pay Now, Buy Now, Donation and Cart Buttons Shortcode WordPress plugin through 1.7... Moderate Unreviewed
CVE-2024-5448 was published Jun 21, 2024
The Google CSE WordPress plugin through 1.0.7 does not sanitise and escape some of its settings,... Moderate Unreviewed
CVE-2024-4755 was published Jun 21, 2024
The WP Logs Book WordPress plugin through 1.0.1 does not sanitise and escape some of its log data... Moderate Unreviewed
CVE-2024-4477 was published Jun 21, 2024
A vulnerability was found in SourceCodester Simple Student Attendance System 1.0 and classified... Moderate Unreviewed
CVE-2024-6212 was published Jun 21, 2024
There is a cross-site scripting vulnerability in the management UI of Absolute Secure Access... Moderate Unreviewed
CVE-2024-37348 was published Jun 20, 2024
There is a cross-site scripting vulnerability in the Secure Access administrative UI of Absolute... Moderate Unreviewed
CVE-2024-37345 was published Jun 20, 2024
There is a cross-site scripting vulnerability in the management UI of Absolute Secure Access... Moderate Unreviewed
CVE-2024-37351 was published Jun 20, 2024
There is a cross-site scripting vulnerability in the management UI of Absolute Secure Access... Moderate Unreviewed
CVE-2024-37349 was published Jun 20, 2024
There is a cross-site scripting vulnerability in the policy management UI of Absolute Secure... Moderate Unreviewed
CVE-2024-37350 was published Jun 20, 2024
There is a cross-site scripting vulnerability in the pool configuration component of the... Moderate Unreviewed
CVE-2024-37347 was published Jun 20, 2024
There is a cross-site scripting vulnerability in the management UI of Absolute Secure Access... Moderate Unreviewed
CVE-2024-37352 was published Jun 20, 2024
There is a cross-site scripting vulnerability in the Policy management UI of Absolute Secure... Moderate Unreviewed
CVE-2024-37344 was published Jun 20, 2024
There is a cross-site scripting vulnerability in the Secure Access administrative console of... Moderate Unreviewed
CVE-2024-37343 was published Jun 20, 2024
For Kiuwan installations with SSO (single sign-on) enabled, an unauthenticated reflected cross... Unknown Unreviewed
CVE-2023-49111 was published Jun 20, 2024
A vulnerability was found in LabVantage LIMS 2017. It has been declared as problematic. This... Moderate Unreviewed
CVE-2024-6181 was published Jun 20, 2024
A vulnerability was found in LabVantage LIMS 2017. It has been rated as problematic. This issue... Moderate Unreviewed
CVE-2024-6182 was published Jun 20, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-6177 was published Jun 20, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-6178 was published Jun 20, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-6179 was published Jun 20, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-34443 was published Jun 19, 2024
TinyMCE Cross-Site Scripting (XSS) vulnerability using noneditable_regexp option Moderate
CVE-2024-38356 was published for TinyMCE (Composer) Jun 19, 2024
TinyMCE Cross-Site Scripting (XSS) vulnerability using noscript elements Moderate
CVE-2024-38357 was published for TinyMCE (Composer) Jun 19, 2024
Malav-MK
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-35765 was published Jun 19, 2024
Moodle stored XSS via calendar's event title when deleting the event Moderate
CVE-2024-38274 was published for moodle/moodle (Composer) Jun 18, 2024
ProTip! Advisories are also available from the GraphQL API