GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,787
Composer 4,248
Erlang 31
GitHub Actions 21
Go 2,016
Maven 5,202
npm 3,721
NuGet 662
pip 3,400
Pub 11
RubyGems 890
Rust 852
Swift 36

Unreviewed advisories

All unreviewed 236,235

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

26,317 advisories

Filter by severity

Sort by

Least recently updated

The NPS computy plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2024-11807 was published Dec 4, 2024

The SG Helper plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File... Moderate Unreviewed

CVE-2024-11093 was published Dec 4, 2024

The Contact Form, Survey & Form Builder – MightyForms plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2024-11897 was published Dec 4, 2024

The Responsive Videos plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2024-11747 was published Dec 4, 2024

A HTML Injection vulnerability was identified in Issuetrak version 17.1 that could be triggered... Moderate Unreviewed

CVE-2024-11479 was published Dec 4, 2024

A vulnerability in the HPE Aruba Networking ClearPass Policy Manager web-based management... Moderate Unreviewed

CVE-2024-51773 was published Dec 3, 2024

The Goodlayers Core plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2024-11200 was published Dec 3, 2024

The WP Mailster plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin... Moderate Unreviewed

CVE-2024-11782 was published Dec 3, 2024

The Campaign Monitor Forms by Optin Cat plugin for WordPress is vulnerable to Reflected Cross... Moderate Unreviewed

CVE-2024-11326 was published Dec 3, 2024

The AWeber Forms by Optin Cat plugin for WordPress is vulnerable to Reflected Cross-Site... Moderate Unreviewed

CVE-2024-11325 was published Dec 3, 2024

The BMLT Tabbed Map plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2024-11866 was published Dec 3, 2024

The Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel,... Moderate Unreviewed

CVE-2024-9058 was published Dec 3, 2024

The Quick License Manager – WooCommerce Plugin plugin for WordPress is vulnerable to Reflected... Moderate Unreviewed

CVE-2024-11805 was published Dec 3, 2024

The My auctions allegro plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via... Moderate Unreviewed

CVE-2024-11707 was published Dec 3, 2024

The Scratch & Win – Giveaways and Contests. Boost subscribers, traffic, repeat visits, referrals... Moderate Unreviewed

CVE-2024-11898 was published Dec 3, 2024

The WordPress Pinterest Plugin – Make a Popup, User Profile, Masonry and Gallery Layout plugin... Moderate Unreviewed

CVE-2024-11453 was published Dec 3, 2024

The Form Data Collector plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via... Moderate Unreviewed

CVE-2024-11461 was published Dec 3, 2024

The jAlbum Bridge plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘ar’... Moderate Unreviewed

CVE-2024-11853 was published Dec 3, 2024

The Spectra – WordPress Gutenberg Blocks plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2024-10484 was published Dec 3, 2024

The CMSMasters Elementor Addon plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed

CVE-2024-9694 was published Dec 3, 2024

A Cross Site Scripting vulnerability in LibrePhotos before commit 32237 allows attackers to... Moderate Unreviewed

CVE-2024-53617 was published Dec 2, 2024

ServiceNow has addressed an HTML injection vulnerability that was identified in the Now Platform.... Moderate Unreviewed

CVE-2024-5890 was published Dec 2, 2024

Sysax Multi Server 6.99 is vulnerable to Cross Site Scripting (XSS) via the /scgi?sid parameter. Moderate Unreviewed

CVE-2024-53459 was published Dec 2, 2024

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2024-53721 was published Dec 2, 2024

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2024-53741 was published Dec 2, 2024

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

26,317 advisories