GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,440
Erlang
29
GitHub Actions
16
Go
1,667
Maven
4,927
npm
3,454
NuGet
595
pip
2,871
Pub
10
RubyGems
823
Rust
766
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
216,192 advisories
Filter by severity
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-34564
was published
May 8, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-34565
was published
May 8, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-34568
was published
May 8, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-34562
was published
May 8, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-34569
was published
May 8, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-34570
was published
May 8, 2024
Improper privilege management vulnerability in Lunar software that affects versions 6.0.2 through...
High
Unreviewed
CVE-2024-3507
was published
May 8, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-34571
was published
May 8, 2024
Missing Authorization vulnerability in Multi-column Tag Map.This issue affects Multi-column Tag...
Moderate
Unreviewed
CVE-2023-41651
was published
May 8, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-34574
was published
May 8, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-34573
was published
May 8, 2024
The etcd package distributed with the Red Hat OpenStack platform has an incomplete fix for CVE...
High
Unreviewed
CVE-2024-4438
was published
May 8, 2024
The etcd package distributed with the Red Hat OpenStack platform has an incomplete fix for CVE...
High
Unreviewed
CVE-2024-4437
was published
May 8, 2024
The etcd package distributed with the Red Hat OpenStack platform has an incomplete fix for CVE...
High
Unreviewed
CVE-2024-4436
was published
May 8, 2024
VMware Avi Load Balancer contains an information disclosure vulnerability. A malicious actor...
Moderate
Unreviewed
CVE-2024-22266
was published
May 8, 2024
The Mesmerize Companion plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
Moderate
Unreviewed
CVE-2024-3494
was published
May 8, 2024
The SSL Zen WordPress plugin before 4.6.0 only relies on the use of .htaccess to prevent...
Unknown
Unreviewed
CVE-2024-1076
was published
May 8, 2024
Heateor Social Login WordPress prior to 1.1.32 contains a cross-site scripting vulnerability. If...
Unknown
Unreviewed
CVE-2024-32674
was published
May 8, 2024
VMware Avi Load Balancer contains a privilege escalation vulnerability. A malicious actor with...
High
Unreviewed
CVE-2024-22264
was published
May 8, 2024
No Limit on Number of Open Sessions / Bad Session Close Behaviour in dnf5daemon-server before 5...
Moderate
Unreviewed
CVE-2024-1930
was published
May 8, 2024
In affected versions of Octopus Server with certain access levels it was possible to embed a...
Moderate
Unreviewed
CVE-2024-4456
was published
May 8, 2024
The PostgreSQL implementation in Brocade SANnav versions before 2.3.0a is vulnerable to an...
High
Unreviewed
CVE-2024-2860
was published
May 8, 2024
Local Root Exploit via Configuration Dictionary in dnf5daemon-server before 5.1.17 allows a...
High
Unreviewed
CVE-2024-1929
was published
May 8, 2024
Incomplete fix for CVE-2024-1929
The problem with CVE-2024-1929 was that the dnf5 D-Bus daemon...
High
Unreviewed
CVE-2024-2746
was published
May 8, 2024
A buffer error in Panasonic KW Watcher versions 1.00 through 2.83 may allow attackers malicious...
Moderate
Unreviewed
CVE-2024-4162
was published
May 8, 2024
ProTip!
Advisories are also available from the
GraphQL API