Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
49
GitHub Actions
49
Go
3,405
Maven
5,000+
npm
5,000+
NuGet
882
pip
4,641
Pub
13
RubyGems
1,026
Rust
1,209
Swift
53
Unreviewed advisories
All unreviewed
5,000+

35,640 advisories

Loading
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-43951 was published Aug 29, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-43952 was published Aug 29, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-43960 was published Aug 29, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-43934 was published Aug 29, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-43949 was published Aug 29, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-43964 was published Aug 29, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-43935 was published Aug 29, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-43946 was published Aug 29, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-43961 was published Aug 29, 2024
A cross-site scripting (XSS) vulnerability in DedeBIZ v6.3.0 allows attackers to execute... Moderate Unreviewed
CVE-2024-44717 was published Aug 29, 2024
A cross-site scripting (XSS) vulnerability in the component admin_ads.php of SeaCMS v12.9 allows... Moderate Unreviewed
CVE-2024-44919 was published Aug 29, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-43936 was published Aug 29, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-43953 was published Aug 29, 2024
PhpSpreadsheet HTML writer is vulnerable to Cross-Site Scripting via style information Moderate
CVE-2024-45046 was published for phpoffice/phpexcel (Composer) Aug 29, 2024
emilvirkki Credited to emilvirkki, marcinwealthon, and neodc marcinwealthon marcinwealthon
neodc neodc
The FunnelKit Funnel Builder Pro plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2024-1056 was published Aug 29, 2024
The Premium Portfolio Features for Phlox theme plugin for WordPress is vulnerable to Stored Cross... Moderate Unreviewed
CVE-2024-1384 was published Aug 29, 2024
The Front End Users plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed
CVE-2024-7606 was published Aug 29, 2024
Reflected Cross-Site Scripting (XSS) in Shift Logbook application of B&R APROL <= R 4.4-00P3 may... Moderate Unreviewed
CVE-2024-5624 was published Aug 29, 2024
The Gutentor WordPress plugin before 3.3.6 does not validate and escape some of its block... Moderate Unreviewed
CVE-2024-5417 was published Aug 29, 2024
The Page Builder Gutenberg Blocks WordPress plugin before 3.1.13 does not escape the content of... Moderate Unreviewed
CVE-2024-7132 was published Aug 29, 2024
The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to Stored Cross... Moderate Unreviewed
CVE-2024-7895 was published Aug 29, 2024
The Viral Signup WordPress plugin through 2.1 does not sanitise and escape some of its settings,... Moderate Unreviewed
CVE-2024-6927 was published Aug 29, 2024
The WP To Do plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Comment in all... Moderate Unreviewed
CVE-2024-3944 was published Aug 29, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-43986 was published Aug 29, 2024
Ruoyi v4.7.9 and before was discovered to contain a cross-site scripting (XSS) vulnerability via... Moderate Unreviewed
CVE-2024-42900 was published Aug 28, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database