Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

992 advisories

Loading
IBM InfoSphere Information Server 11.7 is vulnerable to stored cross-site scripting. This... High Unreviewed
CVE-2024-28798 was published Jun 30, 2024
Hitachi Vantara Pentaho Business Analytics Server prior to versions 10.1.0.0 and 9.3.0.7,... High Unreviewed
CVE-2024-28983 was published Jun 27, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.9 prior to 16.11... High Unreviewed
CVE-2024-4901 was published Jun 27, 2024
Hitachi Vantara Pentaho Business Analytics Server prior to versions 10.1.0.0 and 9.3.0.7,... High Unreviewed
CVE-2024-28984 was published Jun 27, 2024
The Online Booking & Scheduling Calendar for WordPress by vcita plugin for WordPress is... High Unreviewed
CVE-2024-5791 was published Jun 22, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed
CVE-2024-35766 was published Jun 21, 2024
Stored Cross-Site Scripting (XSS) vulnerabilities have been identified in OpenText ArcSight... High Unreviewed
CVE-2024-4190 was published Jun 11, 2024
SAP Financial Consolidation allows data to enter a Web application through an untrusted source.... High Unreviewed
CVE-2024-37177 was published Jun 11, 2024
ghtml Cross-Site Scripting (XSS) vulnerability High
CVE-2024-37166 was published for ghtml (npm) Jun 10, 2024
lirantal
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed
CVE-2024-35706 was published Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed
CVE-2024-35694 was published Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed
CVE-2024-35697 was published Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed
CVE-2024-35696 was published Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed
CVE-2024-35693 was published Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed
CVE-2024-35687 was published Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed
CVE-2024-35679 was published Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed
CVE-2024-35734 was published Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed
CVE-2024-35733 was published Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed
CVE-2024-35718 was published Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed
CVE-2024-35737 was published Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed
CVE-2024-35730 was published Jun 8, 2024
The Master Addons – Free Widgets, Hover Effects, Toggle, Conditions, Animations for Elementor... High Unreviewed
CVE-2024-5542 was published Jun 7, 2024
A Cross-site Scripting (XSS) vulnerability exists in the SAML metadata endpoint `/auth/saml/${org... High Unreviewed
CVE-2024-5478 was published Jun 6, 2024
A stored Cross-Site Scripting (XSS) vulnerability exists in the mintplex-labs/anything-llm... High Unreviewed
CVE-2024-3110 was published Jun 6, 2024
The Brizy – Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... High Unreviewed
CVE-2024-3667 was published Jun 5, 2024
ProTip! Advisories are also available from the GraphQL API