Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,440
Erlang
29
GitHub Actions
16
Go
1,666
Maven
4,927
npm
3,454
NuGet
594
pip
2,862
Pub
10
RubyGems
823
Rust
766
Swift
34
Unreviewed advisories
All unreviewed
5,000+

234,605 advisories

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-34414 was published May 8, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-34561 was published May 8, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-34547 was published May 8, 2024
Missing Authorization vulnerability in ThemeHunk Advance WordPress Search Plugin.This issue... Moderate Unreviewed
CVE-2022-40218 was published May 8, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-34560 was published May 8, 2024
A vulnerability has been found in SourceCodester Prison Management System 1.0 and classified as... Moderate Unreviewed
CVE-2024-4644 was published May 8, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-34572 was published May 8, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-34546 was published May 8, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-34548 was published May 8, 2024
The Link Library plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin... Moderate Unreviewed
CVE-2024-4281 was published May 8, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-34563 was published May 8, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-34566 was published May 8, 2024
The WP Latest Posts plugin for WordPress is vulnerable to arbitrary shortcode execution in all... Moderate Unreviewed
CVE-2024-4135 was published May 8, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-34573 was published May 8, 2024
The etcd package distributed with the Red Hat OpenStack platform has an incomplete fix for CVE... High Unreviewed
CVE-2024-4438 was published May 8, 2024
The etcd package distributed with the Red Hat OpenStack platform has an incomplete fix for CVE... High Unreviewed
CVE-2024-4437 was published May 8, 2024
The etcd package distributed with the Red Hat OpenStack platform has an incomplete fix for CVE... High Unreviewed
CVE-2024-4436 was published May 8, 2024
Missing Authorization vulnerability in Multi-column Tag Map.This issue affects Multi-column Tag... Moderate Unreviewed
CVE-2023-41651 was published May 8, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-34574 was published May 8, 2024
VMware Avi Load Balancer contains a privilege escalation vulnerability. A malicious actor with... High Unreviewed
CVE-2024-22264 was published May 8, 2024
The SSL Zen WordPress plugin before 4.6.0 only relies on the use of .htaccess to prevent... Unknown Unreviewed
CVE-2024-1076 was published May 8, 2024
Heateor Social Login WordPress prior to 1.1.32 contains a cross-site scripting vulnerability. If... Unknown Unreviewed
CVE-2024-32674 was published May 8, 2024
 VMware Avi Load Balancer contains an information disclosure vulnerability. A malicious actor... Moderate Unreviewed
CVE-2024-22266 was published May 8, 2024
The Mesmerize Companion plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed
CVE-2024-3494 was published May 8, 2024
No Limit on Number of Open Sessions / Bad Session Close Behaviour in dnf5daemon-server before 5... Moderate Unreviewed
CVE-2024-1930 was published May 8, 2024
ProTip! Advisories are also available from the GraphQL API