GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,440
Erlang
29
GitHub Actions
16
Go
1,666
Maven
4,927
npm
3,454
NuGet
594
pip
2,862
Pub
10
RubyGems
823
Rust
766
Swift
34
Unreviewed advisories
All unreviewed
5,000+
234,605 advisories
Filter by severity
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-34414
was published
May 8, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-34561
was published
May 8, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-34547
was published
May 8, 2024
Missing Authorization vulnerability in ThemeHunk Advance WordPress Search Plugin.This issue...
Moderate
Unreviewed
CVE-2022-40218
was published
May 8, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-34560
was published
May 8, 2024
A vulnerability has been found in SourceCodester Prison Management System 1.0 and classified as...
Moderate
Unreviewed
CVE-2024-4644
was published
May 8, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-34572
was published
May 8, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-34546
was published
May 8, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-34548
was published
May 8, 2024
The Link Library plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin...
Moderate
Unreviewed
CVE-2024-4281
was published
May 8, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-34563
was published
May 8, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-34566
was published
May 8, 2024
The WP Latest Posts plugin for WordPress is vulnerable to arbitrary shortcode execution in all...
Moderate
Unreviewed
CVE-2024-4135
was published
May 8, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-34573
was published
May 8, 2024
The etcd package distributed with the Red Hat OpenStack platform has an incomplete fix for CVE...
High
Unreviewed
CVE-2024-4438
was published
May 8, 2024
The etcd package distributed with the Red Hat OpenStack platform has an incomplete fix for CVE...
High
Unreviewed
CVE-2024-4437
was published
May 8, 2024
The etcd package distributed with the Red Hat OpenStack platform has an incomplete fix for CVE...
High
Unreviewed
CVE-2024-4436
was published
May 8, 2024
Missing Authorization vulnerability in Multi-column Tag Map.This issue affects Multi-column Tag...
Moderate
Unreviewed
CVE-2023-41651
was published
May 8, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-34574
was published
May 8, 2024
VMware Avi Load Balancer contains a privilege escalation vulnerability. A malicious actor with...
High
Unreviewed
CVE-2024-22264
was published
May 8, 2024
The SSL Zen WordPress plugin before 4.6.0 only relies on the use of .htaccess to prevent...
Unknown
Unreviewed
CVE-2024-1076
was published
May 8, 2024
Heateor Social Login WordPress prior to 1.1.32 contains a cross-site scripting vulnerability. If...
Unknown
Unreviewed
CVE-2024-32674
was published
May 8, 2024
VMware Avi Load Balancer contains an information disclosure vulnerability. A malicious actor...
Moderate
Unreviewed
CVE-2024-22266
was published
May 8, 2024
The Mesmerize Companion plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
Moderate
Unreviewed
CVE-2024-3494
was published
May 8, 2024
No Limit on Number of Open Sessions / Bad Session Close Behaviour in dnf5daemon-server before 5...
Moderate
Unreviewed
CVE-2024-1930
was published
May 8, 2024
ProTip!
Advisories are also available from the
GraphQL API