Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,164
Erlang
30
GitHub Actions
19
Go
1,973
Maven
5,000+
npm
3,695
NuGet
654
pip
3,312
Pub
11
RubyGems
881
Rust
831
Swift
35
Unreviewed advisories
All unreviewed
5,000+

25,776 advisories

Loading
The WP jQuery Lightbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed
CVE-2024-5425 was published Jun 7, 2024
Oxygen XML Web Author v26.0.0 and older and Oxygen Content Fusion v6.1 and older are vulnerable... Moderate Unreviewed
CVE-2024-25662 was published May 14, 2024
The Clever Fox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's... Moderate Unreviewed
CVE-2024-1768 was published Jun 7, 2024
Cross-site scripting vulnerability in Movable Type series allows a remote authenticated attacker... Moderate Unreviewed
CVE-2023-45746 was published Oct 30, 2023
Tiki through 27.0 allows users who have certain permissions to insert a "Create/Edit External... Moderate Unreviewed
CVE-2024-51507 was published Oct 29, 2024
Tiki through 27.0 allows users who have certain permissions to insert a "Modules" (aka tiki... Moderate Unreviewed
CVE-2024-51509 was published Oct 29, 2024
A Reflected Cross Site Scripting (XSS) vulnerability was found in /odms/admin/user-search.php in... Moderate Unreviewed
CVE-2024-51075 was published Oct 29, 2024
A Reflected Cross Site Scripting (XSS) vulnerability was found in /odms/admin/booking-search.php... Moderate Unreviewed
CVE-2024-51076 was published Oct 29, 2024
Tiki through 27.0 allows users who have certain permissions to insert a "Create/Edit External... Moderate Unreviewed
CVE-2024-51508 was published Oct 29, 2024
The Post Grid, Form Maker, Popup Maker, WooCommerce Blocks, Post Blocks, Post Carousel – Combo... Moderate Unreviewed
CVE-2024-1988 was published Jun 7, 2024
The WP Mobile Menu – The Mobile-Friendly Responsive Menu plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-3987 was published Jun 7, 2024
OvalEdge 5.2.8.0 and earlier is affected by multiple Stored XSS (AKA Persistent or Type II)... Moderate Unreviewed
CVE-2022-30360 was published Oct 25, 2024
A vulnerability in the web-based management interface of Cisco TelePresence Management Suite (TMS... Moderate Unreviewed
CVE-2023-20248 was published Apr 24, 2024
XSS vulnerability in DP Calendar component for Joomla. Moderate Unreviewed
CVE-2024-21727 was published Feb 15, 2024
Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator... Moderate Unreviewed
CVE-2023-37439 was published Aug 22, 2023
HTML Purifier Cross-site Scripting vulnerability Moderate
CVE-2007-3498 was published for ezyang/htmlpurifier (Composer) May 1, 2022
Rudloff
The Logo Slider WordPress plugin before 4.0.0 does not validate and escape some of its Slider... Moderate Unreviewed
CVE-2024-3288 was published Jun 7, 2024
A stored cross-site scripting (XSS) vulnerability in HikaShop Joomla Component < 5.1.1 allows... Moderate Unreviewed
CVE-2024-40746 was published Oct 21, 2024
The Essential Addons for Elementor Pro plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2024-5612 was published Jun 7, 2024
Online Flight Booking Management System v1.0 was discovered to contain a cross-site scripting ... Moderate Unreviewed
CVE-2022-46088 was published Mar 5, 2024
The Better Comments WordPress plugin before 1.5.6 does not sanitise and escape some of its... Moderate Unreviewed
CVE-2024-2402 was published Apr 24, 2024
Stored XSS in the Strong Testimonials plugin before 2.40.1 for WordPress can result in an... Moderate Unreviewed
CVE-2020-8549 was published May 24, 2022
The Arconix Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed
CVE-2024-10226 was published Oct 29, 2024
The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to Stored Cross... Moderate Unreviewed
CVE-2024-9505 was published Oct 29, 2024
A vulnerability in the discussion image upload function of the Lollms application, version v9.9,... Moderate Unreviewed
CVE-2024-6581 was published Oct 29, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database