GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
30,233 advisories
Filter by severity
A cross-site scripting (XSS) vulnerability has been reported to affect several QNAP operating...
Moderate
Unreviewed
CVE-2023-23357
was published
Dec 19, 2024
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.1.1.0 is vulnerable to cross-site...
Moderate
Unreviewed
CVE-2021-20553
was published
Dec 19, 2024
baserCMS Cross-site Scripting vulnerability in Site search Feature
Moderate
CVE-2023-44379
was published
for
baserproject/basercms
(Composer)
Feb 22, 2024
In Optimizely Configured Commerce before 5.2.2408, malicious payloads can be stored and...
Moderate
Unreviewed
CVE-2024-56173
was published
Dec 18, 2024
In Optimizely Configured Commerce before 5.2.2408, malicious payloads can be stored and...
High
Unreviewed
CVE-2024-56174
was published
Dec 18, 2024
Improper Neutralization vulnerability affects OpenText ALM Octane version 16.2.100 and above. The...
High
Unreviewed
CVE-2023-6123
was published
Feb 15, 2024
Winmail Server 4.4 is vulnerable to f_user=%22%3E%3Csvg%20onload Cross Site Scripting (XSS).
Moderate
Unreviewed
CVE-2024-55492
was published
Dec 18, 2024
IBM Cognos Analytics 11.2.0 through 11.2.4 and 12.0.0 through 12.0.3
is potentially...
Moderate
Unreviewed
CVE-2024-25042
was published
Dec 18, 2024
A stored HTML Injection vulnerability was identified in PHPGurukul Online Birth Certificate...
Moderate
Unreviewed
CVE-2024-55059
was published
Dec 17, 2024
Liferay Portal and Liferay DXP have Cross-site Scripting vulnerability in edit Service Access Policy page
Moderate
CVE-2023-37940
was published
for
com.liferay.portal:release.dxp.bom
(Maven)
Dec 18, 2024
In Optimizely Configured Commerce before 5.2.2408, malicious payloads can be stored and...
Moderate
Unreviewed
CVE-2024-56175
was published
Dec 18, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
High
Unreviewed
CVE-2024-54350
was published
Dec 18, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
High
Unreviewed
CVE-2024-56016
was published
Dec 18, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
High
Unreviewed
CVE-2024-56010
was published
Dec 18, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
High
Unreviewed
CVE-2024-51646
was published
Dec 18, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
High
Unreviewed
CVE-2024-49677
was published
Dec 18, 2024
The Video Share VOD – Turnkey Video Site Builder Script plugin for WordPress is vulnerable to...
Moderate
Unreviewed
CVE-2024-12449
was published
Dec 18, 2024
The AMP for WP – Accelerated Mobile Pages plugin for WordPress is vulnerable to Reflected Cross...
Moderate
Unreviewed
CVE-2024-11254
was published
Dec 18, 2024
The Taeggie Feed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin...
Moderate
Unreviewed
CVE-2024-11748
was published
Dec 18, 2024
The Easy Waveform Player plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...
Moderate
Unreviewed
CVE-2024-11881
was published
Dec 18, 2024
The Philantro – Donations and Donor Management plugin for WordPress is vulnerable to Stored Cross...
Moderate
Unreviewed
CVE-2024-12500
was published
Dec 18, 2024
The Contests by Rewards Fuel plugin for WordPress is vulnerable to Stored Cross-Site Scripting...
Moderate
Unreviewed
CVE-2024-12513
was published
Dec 18, 2024
The ScanCircle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's...
Moderate
Unreviewed
CVE-2024-11439
was published
Dec 18, 2024
A stored cross-site scripting (XSS) vulnerability was identified in Phpgurukul Online Birth...
Moderate
Unreviewed
CVE-2024-55056
was published
Dec 17, 2024
Liferay Portal and Liferay DXP vulnerable to Criss-site Scripting
Moderate
CVE-2024-11993
was published
for
com.liferay.portal:release.dxp.bom
(Maven)
Dec 17, 2024
ProTip!
Advisories are also available from the
GraphQL API