Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

26,385 advisories

Loading
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability... Moderate Unreviewed
CVE-2024-28795 was published Jun 30, 2024
IBM InfoSphere Information Server 11.7 is vulnerable stored to cross-site scripting. This... Moderate Unreviewed
CVE-2024-28797 was published Jun 30, 2024
IBM InfoSphere Information Server 11.7 is vulnerable to stored cross-site scripting. This... High Unreviewed
CVE-2024-28798 was published Jun 30, 2024
A reflected Cross-Site Scripting (XSS) vulnerability was identified in zenml-io/zenml version 0... Moderate Unreviewed
CVE-2024-5062 was published Jun 30, 2024
A vulnerability classified as problematic was found in Ingenico Estate Manager 2023. Affected by... Moderate Unreviewed
CVE-2024-6415 was published Jun 30, 2024
IBM Cognos Analytics 11.2.0, 11.2.1, 11.2.2, 11.2.3, 11.2.4, 12.0.0, 12.0.1, and 12.0.2 is... Moderate Unreviewed
CVE-2024-25041 was published Jun 29, 2024
DSpace Cross Site Scripting (XSS) via a deposited HTML/XML document Low
CVE-2024-38364 was published for org.dspace:dspace-server-webapp (Maven) Jun 25, 2024
Xib3rR4dAr
linkref_addindex in rcube_string_replacer.php in Roundcube Webmail before 1.4.10 allows XSS via a... Moderate Unreviewed
CVE-2020-35730 was published May 24, 2022
A Cross-site Scripting (XSS) vulnerability exists in the chat functionality of parisneo/lollms... Moderate Unreviewed
CVE-2024-5933 was published Jun 27, 2024
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.2.0.2 is vulnerable to cross-site... Moderate Unreviewed
CVE-2023-42014 was published Jun 27, 2024
IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to cross-site scripting. This... Moderate Unreviewed
CVE-2024-35153 was published Jun 27, 2024
A vulnerability was found in lahirudanushka School Management System 1.0.0/1.0.1 and classified... Moderate Unreviewed
CVE-2024-6374 was published Jun 27, 2024
A vulnerability classified as problematic was found in LabVantage LIMS 2017. Affected by this... Moderate Unreviewed
CVE-2024-6370 was published Jun 27, 2024
A vulnerability was found in LabVantage LIMS 2017. It has been declared as problematic. This... Moderate Unreviewed
CVE-2024-6367 was published Jun 27, 2024
A vulnerability was found in LabVantage LIMS 2017. It has been rated as problematic. This issue... Moderate Unreviewed
CVE-2024-6368 was published Jun 27, 2024
A vulnerability classified as problematic has been found in LabVantage LIMS 2017. Affected is an... Moderate Unreviewed
CVE-2024-6369 was published Jun 27, 2024
Moodle stored XSS via calendar's event title when deleting the event Moderate
CVE-2024-38274 was published for moodle/moodle (Composer) Jun 18, 2024
An issue was discovered in Roundcube Webmail before 1.3.12 and 1.4.x before 1.4.5. There is XSS... Moderate Unreviewed
CVE-2020-13965 was published May 24, 2022
Hitachi Vantara Pentaho Business Analytics Server prior to versions 10.1.0.0 and 9.3.0.7,... High Unreviewed
CVE-2024-28984 was published Jun 27, 2024
Hitachi Vantara Pentaho Business Analytics Server prior to versions 10.1.0.0 and 9.3.0.7,... High Unreviewed
CVE-2024-28983 was published Jun 27, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.9 prior to 16.11... High Unreviewed
CVE-2024-4901 was published Jun 27, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-37247 was published Jun 27, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-37248 was published Jun 27, 2024
Cross-site Scripting in ZenUML Moderate
CVE-2024-38527 was published for @zenuml/core (npm) Jun 26, 2024
Yash-Singh1
A vulnerability was found in Genexis Tilgin Fiber Home Gateway HG1522 CSx000-01_09_01_12. It has... Moderate Unreviewed
CVE-2024-6355 was published Jun 26, 2024
ProTip! Advisories are also available from the GraphQL API