Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,090
Erlang
29
GitHub Actions
19
Go
1,915
Maven
5,000+
npm
3,646
NuGet
638
pip
3,262
Pub
10
RubyGems
870
Rust
821
Swift
35
Unreviewed advisories
All unreviewed
5,000+

25,148 advisories

Loading
The Ibtana – WordPress Website Builder plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2024-8282 was published Oct 2, 2024
The MC4WP: Mailchimp Top Bar plugin for WordPress is vulnerable to Reflected Cross-Site Scripting... Moderate Unreviewed
CVE-2024-9210 was published Oct 2, 2024
The SEOPress – On-site SEO plugin for WordPress is vulnerable to Reflected Cross-Site Scripting... Moderate Unreviewed
CVE-2024-9225 was published Oct 2, 2024
The Demo Importer Plus plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG... Moderate Unreviewed
CVE-2024-9172 was published Oct 2, 2024
The Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content... Moderate Unreviewed
CVE-2024-9222 was published Oct 2, 2024
The BerqWP – Automated All-In-One PageSpeed Optimization Plugin for Core Web Vitals, Cache, CDN,... Moderate Unreviewed
CVE-2024-9344 was published Oct 2, 2024
The YML for Yandex Market plugin for WordPress is vulnerable to Reflected Cross-Site Scripting... Moderate Unreviewed
CVE-2024-9378 was published Oct 2, 2024
The Magazine Blocks – Blog Designer, Magazine & Newspaper Website Builder, Page Builder with... Moderate Unreviewed
CVE-2024-9218 was published Oct 2, 2024
The RabbitLoader – Website Speed Optimization for improving Core Web Vital metrics with Cache,... Moderate Unreviewed
CVE-2024-8800 was published Oct 2, 2024
The PWA — easy way to Progressive Web App plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2024-8967 was published Oct 2, 2024
Stored HTML Injection in Social Module in M-Files Hubshare before version 5.0.8.6 allows... Moderate Unreviewed
CVE-2024-9174 was published Oct 2, 2024
Scriptcase v9.10.023 and before is vulnerable to Cross Site Scripting (XSS) in proj_new.php via... Moderate Unreviewed
CVE-2024-46079 was published Oct 1, 2024
Scriptcase v9.10.023 and before is vulnerable to Cross Site Scripting (XSS). An authenticated... Moderate Unreviewed
CVE-2024-46081 was published Oct 1, 2024
Scriptcase v9.10.023 and before is vulnerable to Cross Site Scripting (XSS). An authenticated... Moderate Unreviewed
CVE-2024-46083 was published Oct 1, 2024
A vulnerability classified as problematic has been found in OFCMS 1.1.2. This affects the... Moderate Unreviewed
CVE-2024-9411 was published Oct 1, 2024
LibreNMS has Stored Cross-site Scripting vulnerability in "Alert Transports" feature Moderate
CVE-2024-47523 was published for librenms/librenms (Composer) Oct 1, 2024
RaphaelCSS RaphaelCSSilva
LibreNMS has Stored Cross-site Scripting vulnerability in "Alert Rules" feature Moderate
CVE-2024-47525 was published for librenms/librenms (Composer) Oct 1, 2024
RaphaelCSS RaphaelCSSilva
LibreNMS has Stored Cross-site Scripting vulnerability in "Device Dependencies" feature Moderate
CVE-2024-47527 was published for librenms/librenms (Composer) Oct 1, 2024
RaphaelCSS RaphaelCSSilva
Pagekit Cross-site Scripting vulnerability Moderate
CVE-2024-45967 was published for pagekit/pagekit (Composer) Oct 1, 2024
The AVIF & SVG Uploader plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG... Moderate Unreviewed
CVE-2024-9060 was published Oct 1, 2024
The QS Dark Mode Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG... Moderate Unreviewed
CVE-2024-9118 was published Oct 1, 2024
The Auto Featured Image from Title plugin for WordPress is vulnerable to Reflected Cross-Site... Moderate Unreviewed
CVE-2024-8786 was published Oct 1, 2024
The LocateAndFilter plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG... Moderate Unreviewed
CVE-2024-9304 was published Oct 1, 2024
The Custom Banners plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to... Moderate Unreviewed
CVE-2024-8799 was published Oct 1, 2024
The LH Copy Media File plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due... Moderate Unreviewed
CVE-2024-9220 was published Oct 1, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database