Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,354
Erlang
31
GitHub Actions
22
Go
2,120
Maven
5,000+
npm
3,779
NuGet
681
pip
3,460
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

1,377 advisories

Loading
A vulnerability, which was classified as problematic, has been found in NetBox up to 3.7.0. This... Low Unreviewed
CVE-2024-0948 was published Jan 27, 2024
A vulnerability was found in Techkshetra Info Solutions Savsoft Quiz 6.0 and classified as... Low Unreviewed
CVE-2024-4256 was published Apr 27, 2024
A flaw was found in the mod_proxy_cluster in the Apache server. This issue may allow a malicious... Low Unreviewed
CVE-2023-6710 was published Dec 13, 2023
A vulnerability was found in SourceCodester Prison Management System 1.0. It has been declared as... Low Unreviewed
CVE-2024-4528 was published May 6, 2024
TYPO3 vulnerable to an HTML Injection in the History Module Low
CVE-2024-34355 was published for typo3/cms-core (Composer) May 14, 2024
andreaskienast bnf
OpenStack Dashboard (Horizon) Cross-site scripting (XSS) vulnerability in the Host Aggregates interface Low
CVE-2014-3594 was published for horizon (pip) May 13, 2022
In JetBrains TeamCity between 2024.03 and 2024.03.1 several stored XSS in the available updates... Low Unreviewed
CVE-2024-35300 was published May 16, 2024
A vulnerability classified as problematic has been found in PHPGurukul Directory Management... Low Unreviewed
CVE-2024-5136 was published May 20, 2024
A vulnerability classified as problematic was found in PHPGurukul Directory Management System 1.0... Low Unreviewed
CVE-2024-5137 was published May 20, 2024
Silverstripe admin XSS Vulnerability via WYSIWYG editor Low
GHSA-779c-7w4p-2c4g was published for silverstripe/admin (Composer) May 22, 2024
vxe-table Cross-site Scripting vulnerability Low
CVE-2023-1001 was published for vxe-table (npm) May 24, 2024
Umbraco Forms components vulnerable to Stored Cross-site Scripting Low
CVE-2024-35239 was published for Umbraco.Forms (NuGet) May 28, 2024
RaphaelCSSilva
Arbitrary JavaScript execution due to using outdated libraries Low
GHSA-4m3g-6r7g-jv4f was published for gradio_pdf (pip) Jun 5, 2024
isacaya
A Cross-Site Scripting (XSS) vulnerability exists in mintplex-labs/anything-llm, affecting both... Low Unreviewed
CVE-2024-3166 was published Jun 6, 2024
A stored cross site scripting vulnerability exists in Tenable Security Center where an... Low Unreviewed
CVE-2024-1891 was published Jun 12, 2024
In JetBrains Hub before 2024.2.34646 stored XSS via project description was possible Low Unreviewed
CVE-2024-38507 was published Jun 18, 2024
A vulnerability, which was classified as problematic, was found in ZKTeco ZKBio CVSecurity V5000... Low Unreviewed
CVE-2024-6344 was published Jun 26, 2024
October System module has a Reflected XSS via X-October-Request-Handler Header Low
CVE-2024-25637 was published for october/system (Composer) Jun 26, 2024
DSpace Cross Site Scripting (XSS) via a deposited HTML/XML document Low
CVE-2024-38364 was published for org.dspace:dspace-server-webapp (Maven) Jun 25, 2024
Xib3rR4dAr
FUDforum v3.1.3 was discovered to contain a reflected cross-site scripting (XSS) vulnerability... Low Unreviewed
CVE-2024-30951 was published Apr 17, 2024
A stored cross-site scripting (XSS) vulnerability in FUDforum v3.1.3 allows attackers to execute... Low Unreviewed
CVE-2024-30950 was published Apr 17, 2024
A cross-site scripting (XSS) vulnerability in the Settings menu of CMSimple v5.15 allows... Low Unreviewed
CVE-2024-32345 was published Apr 17, 2024
TOTOLINK EX200 V4.0.3c.7646_B20201211 contains a Cross-site scripting (XSS) vulnerability through... Low Unreviewed
CVE-2024-32325 was published Apr 18, 2024
Cross Site Scripting vulnerability in inducer relate before v.2024.1 allows a remote attacker to... Low Unreviewed
CVE-2024-32405 was published Apr 22, 2024
An issue in SEMCMS v.4.8 allows a remote attacker to execute arbitrary code via a crafted script. Low Unreviewed
CVE-2024-32409 was published Apr 19, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database