GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,958
Erlang
29
GitHub Actions
16
Go
1,745
Maven
4,971
npm
3,507
NuGet
609
pip
3,066
Pub
10
RubyGems
832
Rust
780
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
100,107 advisories
Filter by severity
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-35757
was published
Jun 21, 2024
Cross-Site Request Forgery (CSRF) vulnerability in presscustomizr Customizr.This issue affects...
Moderate
Unreviewed
CVE-2024-35771
was published
Jun 21, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-35760
was published
Jun 21, 2024
Cross-Site Request Forgery (CSRF) vulnerability in presscustomizr Hueman.This issue affects...
Moderate
Unreviewed
CVE-2024-35772
was published
Jun 21, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Exeebit phpinfo() WP...
Moderate
Unreviewed
CVE-2024-35776
was published
Jun 21, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Rara Theme Book Landing Page.This issue...
Moderate
Unreviewed
CVE-2024-37230
was published
Jun 21, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-35768
was published
Jun 21, 2024
A flaw was found in the Poppler's Pdfinfo utility. This issue occurs when using -dests parameter...
Moderate
Unreviewed
CVE-2024-6239
was published
Jun 21, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in A WP Life Event...
Moderate
Unreviewed
CVE-2024-5059
was published
Jun 21, 2024
Missing Authorization vulnerability in Nikolay Strikhar WordPress Form Builder Plugin – Gutenberg...
Moderate
Unreviewed
CVE-2022-45803
was published
Jun 21, 2024
Missing Authorization vulnerability in WPDeveloper EmbedPress.This issue affects EmbedPress: from...
Moderate
Unreviewed
CVE-2023-51375
was published
Jun 21, 2024
Cross-Site Request Forgery (CSRF) vulnerability in blazethemes Digital Newspaper.This issue...
Moderate
Unreviewed
CVE-2024-37198
was published
Jun 21, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Dave Kiss Vimeography: Vimeo Video Gallery...
Moderate
Unreviewed
CVE-2024-35770
was published
Jun 21, 2024
Cross Site Request Forgery (CSRF) vulnerability in Tribulant Newsletters.This issue affects...
Moderate
Unreviewed
CVE-2024-37227
was published
Jun 21, 2024
Cross Site Request Forgery (CSRF) vulnerability in Uncanny Owl Uncanny Automator Pro.This issue...
Moderate
Unreviewed
CVE-2024-37118
was published
Jun 21, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-35769
was published
Jun 21, 2024
Improper Input Validation vulnerability in ABB 800xA Base.
An attacker who successfully exploited...
Moderate
Unreviewed
CVE-2024-3036
was published
Jun 21, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-35774
was published
Jun 21, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-35779
was published
Jun 21, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-5058
was published
Jun 21, 2024
The Online Booking & Scheduling Calendar for WordPress by vcita plugin for WordPress is...
Moderate
Unreviewed
CVE-2024-5859
was published
Jun 21, 2024
The Booking for Appointments and Events Calendar – Amelia plugin for WordPress is vulnerable to...
Moderate
Unreviewed
CVE-2024-6225
was published
Jun 21, 2024
The WP SVG Images plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘type...
Moderate
Unreviewed
CVE-2024-5945
was published
Jun 21, 2024
The Branda – White Label WordPress, Custom Login Page Customizer plugin for WordPress is...
Moderate
Unreviewed
CVE-2024-5191
was published
Jun 21, 2024
The User Profile Picture plugin for WordPress is vulnerable to Insecure Direct Object Reference...
Moderate
Unreviewed
CVE-2024-5639
was published
Jun 21, 2024
ProTip!
Advisories are also available from the
GraphQL API