GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,459
Composer 4,164
Erlang 30
GitHub Actions 19
Go 1,973
Maven 5,149
npm 3,695
NuGet 654
pip 3,312
Pub 11
RubyGems 881
Rust 831
Swift 35

Unreviewed advisories

All unreviewed 232,370

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

28,775 advisories

Filter by severity

Sort by

Least recently updated

Cross-site scripting vulnerability exists in TvRock 0.9t8a. An arbitrary script may be executed... Moderate Unreviewed

CVE-2024-26018 was published Mar 26, 2024

MachForm up to version 19 is affected by an unauthenticated stored cross-site scripting which... Moderate Unreviewed

CVE-2024-37763 was published Jul 2, 2024

Proactive Risk Manager version 9.1.1.0 is affected by multiple Cross-Site Scripting (XSS)... Moderate Unreviewed

CVE-2024-48569 was published Oct 30, 2024

Stored Cross-Site Scripting (XSS) vulnerability in Codoforum v4.9, allows attackers to execute... Moderate Unreviewed

CVE-2020-22540 was published Apr 16, 2024

The Formula theme for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘id’... Moderate Unreviewed

CVE-2024-5638 was published Jun 8, 2024

Vulnerability in the Oracle Reports Developer product of Oracle Fusion Middleware (component:... Moderate Unreviewed

CVE-2024-21133 was published Jul 17, 2024

The Formula theme for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘id’... Moderate Unreviewed

CVE-2024-5613 was published Jun 8, 2024

A Reflected Cross-Site Scripting (XSS) vulnerability exists in the Sage 1000 v 7.0.0. This... Moderate Unreviewed

CVE-2024-48648 was published Oct 30, 2024

Cross Site Scripting vulnerability in PHPGurukul Doctor Appointment Management System v.1.0... Moderate Unreviewed

CVE-2024-48807 was published Oct 30, 2024

Cross-site scripting vulnerability exists in a-blog cms Ver.3.1.x series versions prior to Ver.3... Moderate Unreviewed

CVE-2024-31395 was published May 22, 2024

OvalEdge 5.2.8.0 and earlier is affected by a Sensitive Data Exposure vulnerability via a GET... Moderate Unreviewed

CVE-2022-30359 was published Oct 25, 2024

Cross Site Scripting vulnerability in Shenzhen Interconnection Harbor Network Technology Co., Ltd... Moderate Unreviewed

CVE-2024-51419 was published Oct 30, 2024

EnGenius ESR580 A8J-EMR5000 devices allow a remote attacker to conduct stored XSS attacks that... Moderate Unreviewed

CVE-2024-31972 was published Oct 30, 2024

Hitron CODA-4582 2AHKM-CODA4589 7.2.4.5.1b8 devices allow a remote attacker within Wi-Fi... Moderate Unreviewed

CVE-2024-31973 was published Oct 30, 2024

A cross-site scripting (XSS) vulnerability in the Addon JD Simple module of flusity-CMS v2.33... Moderate Unreviewed

CVE-2024-26490 was published Feb 22, 2024

Savsoft Quiz 6.0 allows stored XSS via the index.php/quiz/insert_quiz/ quiz_name parameter. Moderate Unreviewed

CVE-2024-34401 was published May 3, 2024

EnGenius ESR580 devices through 1.1.30 allow a remote attacker to conduct stored XSS attacks via... Moderate Unreviewed

CVE-2024-31975 was published Oct 30, 2024

A reflected cross-site scripting (XSS) vulnerability in SocialMediaWebsite v1.0.1 allows... Moderate Unreviewed

CVE-2024-26472 was published Feb 29, 2024

Cross Site Scripting vulnerability in online diagnostic lab management system using php v.1.0... Moderate Unreviewed

CVE-2024-51430 was published Oct 31, 2024

Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E... Moderate Unreviewed

CVE-2024-21023 was published Apr 17, 2024

Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E... Moderate Unreviewed

CVE-2024-21041 was published Apr 17, 2024

UBEE DDW365 XCNDDW365 8.14.3105 software on hardware 3.13.1 allows a remote attacker within Wi-Fi... High Unreviewed

CVE-2024-28092 was published Mar 20, 2024

The Ultimate Posts Widget WordPress plugin before 2.3.1 does not validate and escape some of its... Moderate Unreviewed

CVE-2024-0561 was published Mar 11, 2024

An HTML injection vulnerability exists in the MT Safeline X-Ray X3310 webserver version NXG 19.05... Moderate Unreviewed

CVE-2023-25200 was published Apr 4, 2024

A DOM based cross-site scripting (XSS) vulnerability in the component generator.html of tabatkins... Moderate Unreviewed

CVE-2024-26467 was published Feb 26, 2024

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

28,775 advisories