GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+
992 advisories
Filter by severity
IBM InfoSphere Information Server 11.7 is vulnerable to stored cross-site scripting. This...
High
Unreviewed
CVE-2024-28798
was published
Jun 30, 2024
Hitachi Vantara Pentaho Business Analytics Server prior to versions 10.1.0.0 and 9.3.0.7,...
High
Unreviewed
CVE-2024-28983
was published
Jun 27, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.9 prior to 16.11...
High
Unreviewed
CVE-2024-4901
was published
Jun 27, 2024
Hitachi Vantara Pentaho Business Analytics Server prior to versions 10.1.0.0 and 9.3.0.7,...
High
Unreviewed
CVE-2024-28984
was published
Jun 27, 2024
The Online Booking & Scheduling Calendar for WordPress by vcita plugin for WordPress is...
High
Unreviewed
CVE-2024-5791
was published
Jun 22, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-35766
was published
Jun 21, 2024
Stored Cross-Site Scripting (XSS) vulnerabilities have been identified in OpenText ArcSight...
High
Unreviewed
CVE-2024-4190
was published
Jun 11, 2024
SAP Financial Consolidation allows data to enter
a Web application through an untrusted source....
High
Unreviewed
CVE-2024-37177
was published
Jun 11, 2024
ghtml Cross-Site Scripting (XSS) vulnerability
High
CVE-2024-37166
was published
for
ghtml
(npm)
Jun 10, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-35706
was published
Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-35694
was published
Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-35697
was published
Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-35696
was published
Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-35693
was published
Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-35687
was published
Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-35679
was published
Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-35734
was published
Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-35733
was published
Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-35718
was published
Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-35737
was published
Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-35730
was published
Jun 8, 2024
The Master Addons – Free Widgets, Hover Effects, Toggle, Conditions, Animations for Elementor...
High
Unreviewed
CVE-2024-5542
was published
Jun 7, 2024
A Cross-site Scripting (XSS) vulnerability exists in the SAML metadata endpoint `/auth/saml/${org...
High
Unreviewed
CVE-2024-5478
was published
Jun 6, 2024
A stored Cross-Site Scripting (XSS) vulnerability exists in the mintplex-labs/anything-llm...
High
Unreviewed
CVE-2024-3110
was published
Jun 6, 2024
The Brizy – Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...
High
Unreviewed
CVE-2024-3667
was published
Jun 5, 2024
ProTip!
Advisories are also available from the
GraphQL API