Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,440
Erlang
29
GitHub Actions
16
Go
1,667
Maven
4,927
npm
3,454
NuGet
595
pip
2,871
Pub
10
RubyGems
823
Rust
766
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

216,192 advisories

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-34564 was published May 8, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-34565 was published May 8, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-34568 was published May 8, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-34562 was published May 8, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-34569 was published May 8, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-34570 was published May 8, 2024
Improper privilege management vulnerability in Lunar software that affects versions 6.0.2 through... High Unreviewed
CVE-2024-3507 was published May 8, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-34571 was published May 8, 2024
Missing Authorization vulnerability in Multi-column Tag Map.This issue affects Multi-column Tag... Moderate Unreviewed
CVE-2023-41651 was published May 8, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-34574 was published May 8, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-34573 was published May 8, 2024
The etcd package distributed with the Red Hat OpenStack platform has an incomplete fix for CVE... High Unreviewed
CVE-2024-4438 was published May 8, 2024
The etcd package distributed with the Red Hat OpenStack platform has an incomplete fix for CVE... High Unreviewed
CVE-2024-4437 was published May 8, 2024
The etcd package distributed with the Red Hat OpenStack platform has an incomplete fix for CVE... High Unreviewed
CVE-2024-4436 was published May 8, 2024
 VMware Avi Load Balancer contains an information disclosure vulnerability. A malicious actor... Moderate Unreviewed
CVE-2024-22266 was published May 8, 2024
The Mesmerize Companion plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed
CVE-2024-3494 was published May 8, 2024
The SSL Zen WordPress plugin before 4.6.0 only relies on the use of .htaccess to prevent... Unknown Unreviewed
CVE-2024-1076 was published May 8, 2024
Heateor Social Login WordPress prior to 1.1.32 contains a cross-site scripting vulnerability. If... Unknown Unreviewed
CVE-2024-32674 was published May 8, 2024
VMware Avi Load Balancer contains a privilege escalation vulnerability. A malicious actor with... High Unreviewed
CVE-2024-22264 was published May 8, 2024
No Limit on Number of Open Sessions / Bad Session Close Behaviour in dnf5daemon-server before 5... Moderate Unreviewed
CVE-2024-1930 was published May 8, 2024
In affected versions of Octopus Server with certain access levels it was possible to embed a... Moderate Unreviewed
CVE-2024-4456 was published May 8, 2024
The PostgreSQL implementation in Brocade SANnav versions before 2.3.0a is vulnerable to an... High Unreviewed
CVE-2024-2860 was published May 8, 2024
Local Root Exploit via Configuration Dictionary in dnf5daemon-server before 5.1.17 allows a... High Unreviewed
CVE-2024-1929 was published May 8, 2024
Incomplete fix for CVE-2024-1929 The problem with CVE-2024-1929 was that the dnf5 D-Bus daemon... High Unreviewed
CVE-2024-2746 was published May 8, 2024
A buffer error in Panasonic KW Watcher versions 1.00 through 2.83 may allow attackers malicious... Moderate Unreviewed
CVE-2024-4162 was published May 8, 2024
ProTip! Advisories are also available from the GraphQL API