GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,164
Erlang
30
GitHub Actions
19
Go
1,973
Maven
5,000+
npm
3,695
NuGet
654
pip
3,312
Pub
11
RubyGems
881
Rust
831
Swift
35
Unreviewed advisories
All unreviewed
5,000+
25,776 advisories
Filter by severity
The Gutenberg Blocks with AI by Kadence WP – Page Builder Features plugin for WordPress is...
Moderate
Unreviewed
CVE-2024-9655
was published
Nov 1, 2024
Proactive Risk Manager version 9.1.1.0 is affected by multiple Cross-Site Scripting (XSS)...
Moderate
Unreviewed
CVE-2024-48569
was published
Oct 30, 2024
Cross-site scripting vulnerability exists in TvRock 0.9t8a. An arbitrary script may be executed...
Moderate
Unreviewed
CVE-2024-26018
was published
Mar 26, 2024
MachForm up to version 19 is affected by an unauthenticated stored cross-site scripting which...
Moderate
Unreviewed
CVE-2024-37763
was published
Jul 2, 2024
Stored Cross-Site Scripting (XSS) vulnerability in Codoforum v4.9, allows attackers to execute...
Moderate
Unreviewed
CVE-2020-22540
was published
Apr 16, 2024
The Formula theme for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘id’...
Moderate
Unreviewed
CVE-2024-5638
was published
Jun 8, 2024
Vulnerability in the Oracle Reports Developer product of Oracle Fusion Middleware (component:...
Moderate
Unreviewed
CVE-2024-21133
was published
Jul 17, 2024
The Formula theme for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘id’...
Moderate
Unreviewed
CVE-2024-5613
was published
Jun 8, 2024
A Reflected Cross-Site Scripting (XSS) vulnerability exists in the Sage 1000 v 7.0.0. This...
Moderate
Unreviewed
CVE-2024-48648
was published
Oct 30, 2024
Cross Site Scripting vulnerability in PHPGurukul Doctor Appointment Management System v.1.0...
Moderate
Unreviewed
CVE-2024-48807
was published
Oct 30, 2024
Cross Site Scripting vulnerability in Shenzhen Interconnection Harbor Network Technology Co., Ltd...
Moderate
Unreviewed
CVE-2024-51419
was published
Oct 30, 2024
EnGenius ESR580 A8J-EMR5000 devices allow a remote attacker to conduct stored XSS attacks that...
Moderate
Unreviewed
CVE-2024-31972
was published
Oct 30, 2024
Hitron CODA-4582 2AHKM-CODA4589 7.2.4.5.1b8 devices allow a remote attacker within Wi-Fi...
Moderate
Unreviewed
CVE-2024-31973
was published
Oct 30, 2024
Cross-site scripting vulnerability exists in a-blog cms Ver.3.1.x series versions prior to Ver.3...
Moderate
Unreviewed
CVE-2024-31395
was published
May 22, 2024
OvalEdge 5.2.8.0 and earlier is affected by a Sensitive Data Exposure vulnerability via a GET...
Moderate
Unreviewed
CVE-2022-30359
was published
Oct 25, 2024
EnGenius ESR580 devices through 1.1.30 allow a remote attacker to conduct stored XSS attacks via...
Moderate
Unreviewed
CVE-2024-31975
was published
Oct 30, 2024
A cross-site scripting (XSS) vulnerability in the Addon JD Simple module of flusity-CMS v2.33...
Moderate
Unreviewed
CVE-2024-26490
was published
Feb 22, 2024
Savsoft Quiz 6.0 allows stored XSS via the index.php/quiz/insert_quiz/ quiz_name parameter.
Moderate
Unreviewed
CVE-2024-34401
was published
May 3, 2024
A reflected cross-site scripting (XSS) vulnerability in SocialMediaWebsite v1.0.1 allows...
Moderate
Unreviewed
CVE-2024-26472
was published
Feb 29, 2024
Cross Site Scripting vulnerability in online diagnostic lab management system using php v.1.0...
Moderate
Unreviewed
CVE-2024-51430
was published
Oct 31, 2024
Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E...
Moderate
Unreviewed
CVE-2024-21023
was published
Apr 17, 2024
Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E...
Moderate
Unreviewed
CVE-2024-21041
was published
Apr 17, 2024
The Ultimate Posts Widget WordPress plugin before 2.3.1 does not validate and escape some of its...
Moderate
Unreviewed
CVE-2024-0561
was published
Mar 11, 2024
An HTML injection vulnerability exists in the MT Safeline X-Ray X3310 webserver version NXG 19.05...
Moderate
Unreviewed
CVE-2023-25200
was published
Apr 4, 2024
A DOM based cross-site scripting (XSS) vulnerability in the component generator.html of tabatkins...
Moderate
Unreviewed
CVE-2024-26467
was published
Feb 26, 2024
ProTip!
Advisories are also available from the
GraphQL API