GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,788
Composer 4,248
Erlang 31
GitHub Actions 21
Go 2,017
Maven 5,202
npm 3,721
NuGet 662
pip 3,400
Pub 11
RubyGems 890
Rust 852
Swift 36

Unreviewed advisories

All unreviewed 236,299

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

26,332 advisories

Filter by severity

Sort by

Least recently updated

The Backup Bolt WordPress plugin through 1.3.0 is vulnerable to Information Exposure via the... Moderate Unreviewed

CVE-2023-7236 was published Mar 18, 2024

Reflected Cross site scripting vulnerability in Convert Forms component for Joomla in versions... Unknown Unreviewed

CVE-2024-40745 was published Dec 4, 2024

The Email Address Obfuscation plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed

CVE-2024-11935 was published Dec 4, 2024

An issue was discovered in Veritas NetBackup before 10.5. This only applies to NetBackup... High Unreviewed

CVE-2024-54664 was published Dec 4, 2024

The WPBITS Addons For Elementor Page Builder plugin for WordPress is vulnerable to Stored Cross... Moderate Unreviewed

CVE-2024-8962 was published Dec 4, 2024

Multiple plugins for WordPress are vulnerable to Stored Cross-Site Scripting via the plugin's... Moderate Unreviewed

CVE-2024-5020 was published Dec 4, 2024

The Listdom – Business Directory and Classified Ads Listings WordPress Plugin plugin for... Moderate Unreviewed

CVE-2024-11854 was published Dec 4, 2024

The B Testimonial – testimonial plugin for WP plugin for WordPress is vulnerable to Stored Cross... Moderate Unreviewed

CVE-2024-11880 was published Dec 4, 2024

The WP eCards plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ... Moderate Unreviewed

CVE-2024-11903 was published Dec 4, 2024

The Intro Tour Tutorial DeepPresentation plugin for WordPress is vulnerable to Reflected Cross... Moderate Unreviewed

CVE-2024-11466 was published Dec 4, 2024

The Additional Custom Order Status for WooCommerce plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2024-11814 was published Dec 4, 2024

The SolarWinds Platform was susceptible to a XSS vulnerability that affects the search and node... High Unreviewed

CVE-2024-45717 was published Dec 4, 2024

The WP Job Manager – Company Profiles plugin for WordPress is vulnerable to Reflected Cross-Site... Moderate Unreviewed

CVE-2023-6978 was published Dec 4, 2024

The Flower Delivery by Florist One plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2024-11769 was published Dec 4, 2024

The SearchIQ – The Search Solution plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2024-10885 was published Dec 4, 2024

The NPS computy plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2024-11807 was published Dec 4, 2024

The SG Helper plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File... Moderate Unreviewed

CVE-2024-11093 was published Dec 4, 2024

The Contact Form, Survey & Form Builder – MightyForms plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2024-11897 was published Dec 4, 2024

The Responsive Videos plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2024-11747 was published Dec 4, 2024

A HTML Injection vulnerability was identified in Issuetrak version 17.1 that could be triggered... Moderate Unreviewed

CVE-2024-11479 was published Dec 4, 2024

A vulnerability in the HPE Aruba Networking ClearPass Policy Manager web-based management... Moderate Unreviewed

CVE-2024-51773 was published Dec 3, 2024

A vulnerability classified as problematic was found in Guizhou Xiaoma Technology jpress 5.1.2.... Moderate Unreviewed

CVE-2024-11971 was published Nov 29, 2024

A stored Cross-Site Scripting (XSS) vulnerability has been identified in SMSEagle software... Moderate Unreviewed

CVE-2024-37392 was published Aug 23, 2024

Incorrect access control in eSoft Planner 3.24.08271-USA allow attackers to view all transactions... High Unreviewed

CVE-2024-48536 was published Nov 20, 2024

Cross Site Scripting (XSS) vulnerability in Cobham SAILOR VSAT Ku v.164B019, allows a remote... Moderate Unreviewed

CVE-2023-44854 was published Apr 12, 2024

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

26,332 advisories