Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,164
Erlang
30
GitHub Actions
19
Go
1,973
Maven
5,000+
npm
3,695
NuGet
654
pip
3,312
Pub
11
RubyGems
881
Rust
831
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,211 advisories

Loading
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Low Unreviewed
CVE-2024-5532 was published Oct 28, 2024
There is an XSS vulnerability in some HikCentral Master Lite versions. If exploited, an attacker... Low Unreviewed
CVE-2024-47486 was published Oct 18, 2024
In JetBrains TeamCity before 2024.07.3 stored XSS was possible via server global settings Low Unreviewed
CVE-2024-47951 was published Oct 8, 2024
In JetBrains TeamCity before 2024.07.3 stored XSS was possible in Backup configuration settings Low Unreviewed
CVE-2024-47950 was published Oct 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Low Unreviewed
CVE-2024-43687 was published Oct 4, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Low Unreviewed
CVE-2024-43686 was published Oct 4, 2024
A vulnerability was found in Stirling-Tools Stirling-PDF up to 0.28.3. It has been declared as... Low Unreviewed
CVE-2024-9075 was published Sep 22, 2024
In JetBrains IntelliJ IDEA before 2024.1 hTML injection via the project name was possible Low Unreviewed
CVE-2024-46970 was published Sep 16, 2024
A cross-site scripting (XSS) vulnerability has been reported to affect Helpdesk. If exploited,... Low Unreviewed
CVE-2024-27125 was published Sep 6, 2024
Improper neutralization of input in Checkmk before version 2.3.0p14 allows attackers to inject... Low Unreviewed
CVE-2024-38858 was published Sep 2, 2024
A cross-site scripting (XSS) vulnerability in the component admin_datarelate.php of SeaCMS v12.9... Low Unreviewed
CVE-2024-44918 was published Aug 30, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Low Unreviewed
CVE-2022-26328 was published Aug 21, 2024
In JetBrains TeamCity before 2024.07.1 self XSS was possible in the HashiCorp Vault plugin Low Unreviewed
CVE-2024-43808 was published Aug 16, 2024
In JetBrains TeamCity before 2024.07.1 reflected XSS was possible on the agentPushPreset page Low Unreviewed
CVE-2024-43809 was published Aug 16, 2024
The Easy Digital Downloads – Sell Digital Files & Subscriptions (eCommerce Store + Payments Made... Low Unreviewed
CVE-2024-6692 was published Aug 12, 2024
Stored XSS vulnerability has been discovered in OpenText™ Filr product, affecting versions 24.1.1... Low Unreviewed
CVE-2024-4187 was published Jul 31, 2024
In JetBrains TeamCity before 2024.07 stored XSS was possible on Show Connection page Low Unreviewed
CVE-2024-41826 was published Jul 22, 2024
Zohocorp ManageEngine OpManager, OpManager Plus, OpManager MSP and OpManager Enterprise Edition... Low Unreviewed
CVE-2024-38870 was published Jul 17, 2024
A cross-site scripting vulnerability exists in the admin console OIDC Policy Management Editor.... Low Unreviewed
CVE-2024-22477 was published Jul 10, 2024
A vulnerability, which was classified as problematic, was found in ZKTeco ZKBio CVSecurity V5000... Low Unreviewed
CVE-2024-6344 was published Jun 26, 2024
A vulnerability classified as problematic was found in SourceCodester Service Provider Management... Low Unreviewed
CVE-2024-6267 was published Jun 23, 2024
A vulnerability has been found in Zorlan SkyCaiji up to 2.8 and classified as problematic.... Low Unreviewed
CVE-2024-6252 was published Jun 22, 2024
A vulnerability, which was classified as problematic, was found in playSMS 1.4.3. Affected is an... Low Unreviewed
CVE-2024-6251 was published Jun 22, 2024
In JetBrains Hub before 2024.2.34646 stored XSS via project description was possible Low Unreviewed
CVE-2024-38507 was published Jun 18, 2024
A vulnerability, which was classified as problematic, has been found in PHPVibe 11.0.46. This... Low Unreviewed
CVE-2024-6082 was published Jun 18, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database