GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 19,410
Composer 3,972
Erlang 29
GitHub Actions 16
Go 1,762
Maven 4,983
npm 3,518
NuGet 609
pip 3,094
Pub 10
RubyGems 833
Rust 782
Swift 34

Unreviewed advisories

All unreviewed 221,724

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

100,773 advisories

Filter by severity

Sort by

Least recently updated

Stored XSS in Checkmk before versions 2.3.0p8, 2.2.0p29, 2.1.0p45, and 2.0.0 (EOL) allows users... Moderate Unreviewed

CVE-2024-6052 was published Jul 3, 2024

Sites managed in S@M CMS (Concept Intermedia) might be vulnerable to Reflected XSS via including... Moderate Unreviewed

CVE-2024-3800 was published Jul 3, 2024

Script afGdStream.php in AdmirorFrames Joomla! extension doesn’t specify a content type and as a... Moderate Unreviewed

CVE-2024-5737 was published Jul 3, 2024

OpenPLC 3 through 9cd8f1b allows XSS via an SVG document as a profile picture. Moderate Unreviewed

CVE-2024-37741 was published Jul 3, 2024

A vulnerability classified as critical has been found in SourceCodester Online Tours & Travels... Moderate Unreviewed

CVE-2024-6471 was published Jul 3, 2024

A vulnerability was found in playSMS 1.4.3. It has been rated as problematic. Affected by this... Moderate Unreviewed

CVE-2024-6470 was published Jul 3, 2024

A vulnerability was found in playSMS 1.4.3. It has been declared as problematic. Affected by this... Moderate Unreviewed

CVE-2024-6469 was published Jul 3, 2024

Heap Buffer Overflow vulnerability in zziplib v0.13.77 allows attackers to cause a denial of... Moderate Unreviewed

CVE-2024-39133 was published Jun 27, 2024

Mattermost versions 9.8.0, 9.7.x <= 9.7.4, 9.6.x <= 9.6.2, 9.5.x <= 9.5.5 fail to prevent... Moderate Unreviewed

CVE-2024-6428 was published Jul 3, 2024

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component ... Moderate Unreviewed

CVE-2024-39153 was published Jun 27, 2024

The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2024-6340 was published Jul 3, 2024

The The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu,... Moderate Unreviewed

CVE-2024-4482 was published Jul 3, 2024

The WP Lightbox 2 plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2024-6263 was published Jul 3, 2024

The Himer WordPress theme before 2.1.1 does not sanitise and escape some of its Post settings,... Moderate Unreviewed

CVE-2024-2234 was published Jul 3, 2024

The WPQA Builder WordPress plugin before 6.1.1 does not sanitise and escape some of its Slider... Moderate Unreviewed

CVE-2024-2375 was published Jul 3, 2024

The Himer WordPress theme before 2.1.1 does not have CSRF checks in some places, which could... Moderate Unreviewed

CVE-2024-2235 was published Jul 3, 2024

The Frontend Checklist WordPress plugin through 2.3.2 does not sanitise and escape some of its... Moderate Unreviewed

CVE-2024-4959 was published Jun 26, 2024

The Himer WordPress theme before 2.1.1 does not have CSRF checks in some places, which could... Moderate Unreviewed

CVE-2024-2233 was published Jul 3, 2024

The Snippet Shortcodes plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed

CVE-2024-4543 was published Jul 3, 2024

The Himer WordPress theme before 2.1.1 does not have CSRF checks in some places, which could... Moderate Unreviewed

CVE-2024-2040 was published Jul 3, 2024

Out-of-Bounds Write vulnerability in Jungo WinDriver before 12.6.0 allows local attackers to... Moderate Unreviewed

CVE-2024-22103 was published Jul 2, 2024

A stored cross-site scripting (XSS) vulnerability exists in ResidenceCMS 2.10.1 that allows a low... Moderate Unreviewed

CVE-2024-39143 was published Jul 2, 2024

The Easy Google Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2024-5219 was published Jul 2, 2024

The Rank Math SEO WordPress plugin before 1.0.219 does not sanitise and escape some of its... Moderate Unreviewed

CVE-2024-4627 was published Jul 2, 2024

The Void Contact Form 7 Widget For Elementor Page Builder plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2024-5419 was published Jul 2, 2024

Previous 1 2 3 4 5 6 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

100,773 advisories