GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,090
Erlang
29
GitHub Actions
19
Go
1,915
Maven
5,000+
npm
3,646
NuGet
638
pip
3,262
Pub
10
RubyGems
870
Rust
821
Swift
35
Unreviewed advisories
All unreviewed
5,000+
25,148 advisories
Filter by severity
The Ibtana – WordPress Website Builder plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate
Unreviewed
CVE-2024-8282
was published
Oct 2, 2024
The MC4WP: Mailchimp Top Bar plugin for WordPress is vulnerable to Reflected Cross-Site Scripting...
Moderate
Unreviewed
CVE-2024-9210
was published
Oct 2, 2024
The SEOPress – On-site SEO plugin for WordPress is vulnerable to Reflected Cross-Site Scripting...
Moderate
Unreviewed
CVE-2024-9225
was published
Oct 2, 2024
The Demo Importer Plus plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG...
Moderate
Unreviewed
CVE-2024-9172
was published
Oct 2, 2024
The Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content...
Moderate
Unreviewed
CVE-2024-9222
was published
Oct 2, 2024
The BerqWP – Automated All-In-One PageSpeed Optimization Plugin for Core Web Vitals, Cache, CDN,...
Moderate
Unreviewed
CVE-2024-9344
was published
Oct 2, 2024
The YML for Yandex Market plugin for WordPress is vulnerable to Reflected Cross-Site Scripting...
Moderate
Unreviewed
CVE-2024-9378
was published
Oct 2, 2024
The Magazine Blocks – Blog Designer, Magazine & Newspaper Website Builder, Page Builder with...
Moderate
Unreviewed
CVE-2024-9218
was published
Oct 2, 2024
The RabbitLoader – Website Speed Optimization for improving Core Web Vital metrics with Cache,...
Moderate
Unreviewed
CVE-2024-8800
was published
Oct 2, 2024
The PWA — easy way to Progressive Web App plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate
Unreviewed
CVE-2024-8967
was published
Oct 2, 2024
Stored HTML Injection in Social Module in M-Files Hubshare before version 5.0.8.6 allows...
Moderate
Unreviewed
CVE-2024-9174
was published
Oct 2, 2024
Scriptcase v9.10.023 and before is vulnerable to Cross Site Scripting (XSS) in proj_new.php via...
Moderate
Unreviewed
CVE-2024-46079
was published
Oct 1, 2024
Scriptcase v9.10.023 and before is vulnerable to Cross Site Scripting (XSS). An authenticated...
Moderate
Unreviewed
CVE-2024-46081
was published
Oct 1, 2024
Scriptcase v9.10.023 and before is vulnerable to Cross Site Scripting (XSS). An authenticated...
Moderate
Unreviewed
CVE-2024-46083
was published
Oct 1, 2024
A vulnerability classified as problematic has been found in OFCMS 1.1.2. This affects the...
Moderate
Unreviewed
CVE-2024-9411
was published
Oct 1, 2024
LibreNMS has Stored Cross-site Scripting vulnerability in "Alert Transports" feature
Moderate
CVE-2024-47523
was published
for
librenms/librenms
(Composer)
Oct 1, 2024
LibreNMS has Stored Cross-site Scripting vulnerability in "Alert Rules" feature
Moderate
CVE-2024-47525
was published
for
librenms/librenms
(Composer)
Oct 1, 2024
LibreNMS has Stored Cross-site Scripting vulnerability in "Device Dependencies" feature
Moderate
CVE-2024-47527
was published
for
librenms/librenms
(Composer)
Oct 1, 2024
Pagekit Cross-site Scripting vulnerability
Moderate
CVE-2024-45967
was published
for
pagekit/pagekit
(Composer)
Oct 1, 2024
The AVIF & SVG Uploader plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG...
Moderate
Unreviewed
CVE-2024-9060
was published
Oct 1, 2024
The QS Dark Mode Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG...
Moderate
Unreviewed
CVE-2024-9118
was published
Oct 1, 2024
The Auto Featured Image from Title plugin for WordPress is vulnerable to Reflected Cross-Site...
Moderate
Unreviewed
CVE-2024-8786
was published
Oct 1, 2024
The LocateAndFilter plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG...
Moderate
Unreviewed
CVE-2024-9304
was published
Oct 1, 2024
The Custom Banners plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to...
Moderate
Unreviewed
CVE-2024-8799
was published
Oct 1, 2024
The LH Copy Media File plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due...
Moderate
Unreviewed
CVE-2024-9220
was published
Oct 1, 2024
ProTip!
Advisories are also available from the
GraphQL API