GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
30,218 advisories
Filter by severity
Cross Site Scripting (XSS) vulnerability while uploading content to a new deployment
Moderate
GHSA-64gp-r758-8pfm
was published
for
org.jboss.hal:hal-console
(Maven)
Dec 23, 2024
Cross-site Scripting vulnerability in SimpleXLSXEx::readThemeColors, SimpleXLSXEx::getColorValue and SimpleXLSX::toHTMLEx
Moderate
CVE-2024-56364
was published
for
shuchkin/simplexlsx
(Composer)
Dec 23, 2024
The Elementor Header & Footer Builder plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate
Unreviewed
CVE-2024-11230
was published
Dec 23, 2024
A vulnerability classified as problematic was found in code-projects Online Exam Mastering System...
Moderate
Unreviewed
CVE-2024-12892
was published
Dec 22, 2024
A vulnerability, which was classified as problematic, has been found in Portabilis i-Educar up to...
Moderate
Unreviewed
CVE-2024-12893
was published
Dec 22, 2024
A vulnerability was found in code-projects Job Recruitment 1.0. It has been declared as...
Moderate
Unreviewed
CVE-2024-12883
was published
Dec 21, 2024
The MagicPost plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's...
Moderate
Unreviewed
CVE-2024-12591
was published
Dec 21, 2024
The Elementor Website Builder – More than Just a Page Builder plugin for WordPress is vulnerable...
Moderate
Unreviewed
CVE-2024-10453
was published
Dec 21, 2024
The LaTeX2HTML plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'ver'...
Moderate
Unreviewed
CVE-2024-11688
was published
Dec 21, 2024
The WP on AWS plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via $_POST...
Moderate
Unreviewed
CVE-2024-12408
was published
Dec 21, 2024
The Multi-column Tag Map plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...
Moderate
Unreviewed
CVE-2024-11196
was published
Dec 21, 2024
The Ebook Store plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the...
Moderate
Unreviewed
CVE-2024-11287
was published
Dec 21, 2024
The G Web Pro Store Locator plugin for WordPress is vulnerable to Reflected Cross-Site Scripting...
Moderate
Unreviewed
CVE-2024-11682
was published
Dec 21, 2024
The Pingmeter Uptime Monitoring plugin for WordPress is vulnerable to Reflected Cross-Site...
Moderate
Unreviewed
CVE-2024-11808
was published
Dec 21, 2024
The One Click Upsell Funnel for WooCommerce – Funnel Builder for WordPress, Create WooCommerce...
Moderate
Unreviewed
CVE-2024-11938
was published
Dec 21, 2024
The Ebook Store plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ...
Moderate
Unreviewed
CVE-2024-12262
was published
Dec 21, 2024
The Shortcodes and extra features for Phlox theme plugin for WordPress is vulnerable to Stored...
Moderate
Unreviewed
CVE-2024-12588
was published
Dec 21, 2024
The real.Kit plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up...
Moderate
Unreviewed
CVE-2024-12697
was published
Dec 21, 2024
The Shortcodes and extra features for Phlox theme plugin for WordPress is vulnerable to Stored...
Moderate
Unreviewed
CVE-2024-9545
was published
Dec 21, 2024
A vulnerability, which was classified as problematic, has been found in Emlog Pro up to 2.4.1....
Moderate
Unreviewed
CVE-2024-12846
was published
Dec 21, 2024
The Feedify – Web Push Notifications plugin for WordPress is vulnerable to Reflected Cross-Site...
Moderate
Unreviewed
CVE-2024-11811
was published
Dec 21, 2024
A vulnerability classified as problematic was found in Emlog Pro up to 2.4.1. Affected by this...
Moderate
Unreviewed
CVE-2024-12845
was published
Dec 21, 2024
Piranha CMS Cross-site Scripting vulnerability
Moderate
CVE-2024-55341
was published
for
Piranha
(NuGet)
Dec 20, 2024
Piranha CMS Cross-site Scripting vulnerability
Moderate
CVE-2024-55342
was published
for
Piranha
(NuGet)
Dec 20, 2024
There is a cross-site scripting vulnerability in the
management console of Absolute Secure Access...
Moderate
Unreviewed
CVE-2024-40875
was published
Dec 20, 2024
ProTip!
Advisories are also available from the
GraphQL API