Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,902
Maven
5,000+
npm
3,631
NuGet
638
pip
3,246
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

130 advisories

Loading
A vulnerability, which was classified as problematic, has been found in ClassCMS 4.8. Affected by... Moderate Unreviewed
CVE-2024-8145 was published Aug 25, 2024
Mautic vulnerable to cross-site scripting in notifications via saving Dashboards Moderate
CVE-2022-25774 was published for mautic/core (Composer) Apr 12, 2024
Vautia
Craft CMS vulnerable to stored XSS in breadcrumb list and title fields Moderate
CVE-2024-45406 was published for craftcms/cms (Composer) Sep 9, 2024
amame04
Priority - CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) Moderate Unreviewed
CVE-2024-41697 was published Aug 20, 2024
Stored XSS in Checkmk before versions 2.3.0p8, 2.2.0p29, 2.1.0p45, and 2.0.0 (EOL) allows users... Moderate Unreviewed
CVE-2024-6052 was published Jul 3, 2024
Enhavo v0.13.1 was discovered to contain an HTML injection vulnerability in the Author text field... Moderate Unreviewed
CVE-2024-25873 was published Feb 22, 2024
XSS in the view page with the SLA column configured in Checkmk versions prior to 2.3.0p14, 2.2... Moderate Unreviewed
CVE-2024-38859 was published Aug 26, 2024
The Responsive video plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed
CVE-2024-7629 was published Aug 21, 2024
A vulnerability classified as problematic has been found in EZ-Suite EZ-Partner 5. Affected is an... Moderate Unreviewed
CVE-2024-6183 was published Jun 20, 2024
TCPDF Cross-site Scripting vulnerability Moderate
CVE-2024-32489 was published for tecnickcom/tcpdf (Composer) Apr 15, 2024
Stored XSS in inventory tree rendering in Checkmk before 2.3.0p7, 2.2.0p28, 2.1.0p45 and 2.0.0 (EOL) Moderate Unreviewed
CVE-2024-5741 was published Jun 17, 2024
Mashov - CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) Moderate Unreviewed
CVE-2024-41693 was published Jul 30, 2024
WooCommerce has a Cross-Site Scripting (XSS) Vulnerability in checkout & registration forms Moderate
CVE-2024-37297 was published for woocommerce/woocommerce (Composer) Jun 12, 2024
Cross Site Scripting vulnerability in Eskooly Web Product v.3.0 and before allows a remote... Moderate Unreviewed
CVE-2024-27716 was published Jul 5, 2024
Cross Site Scripting vulnerability in Anchor CMS v.0.12.7 allows a remote attacker to execute... Moderate Unreviewed
CVE-2024-37732 was published Jun 24, 2024
zhimengzhe iBarn v1.5 was discovered to contain a reflected cross-site scripting (XSS)... Moderate Unreviewed
CVE-2024-38469 was published Jun 17, 2024
A cross-site scripting (XSS) vulnerability in the Settings section of WonderCMS v3.4.3 allows... Moderate Unreviewed
CVE-2024-32746 was published Apr 17, 2024
Webedition CMS 9.2.2.0 has a Stored XSS vulnerability via /webEdition/we_cmd.php. Moderate Unreviewed
CVE-2024-28417 was published Mar 14, 2024
Cross Site Scripting vulnerability in Insurance Mangement System v.1.0.0 and before allows a... Moderate Unreviewed
CVE-2024-31062 was published Mar 28, 2024
An issue was discovered in Roundcube Webmail before 1.3.12 and 1.4.x before 1.4.5. There is XSS... Moderate Unreviewed
CVE-2020-13965 was published May 24, 2022
Cross-site Scripting in ZenUML Moderate
CVE-2024-38527 was published for @zenuml/core (npm) Jun 26, 2024
Yash-Singh1
Stored XSS in the Crash Report page in Checkmk before versions 2.3.0p7, 2.2.0p28, 2.1.0p45, and 2... Moderate Unreviewed
CVE-2024-28832 was published Jun 25, 2024
Stored XSS in some confirmation pop-ups in Checkmk before versions 2.3.0p7 and 2.2.0p28 allows... Moderate Unreviewed
CVE-2024-28831 was published Jun 25, 2024
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in... Moderate Unreviewed
CVE-2022-38055 was published Jun 21, 2024
A vulnerability was found in Genexis Tilgin Home Gateway 322_AS0500-03_05_13_05. It has been... Moderate Unreviewed
CVE-2024-6108 was published Jun 18, 2024
ProTip! Advisories are also available from the GraphQL API