Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

27,839 advisories

Loading
Mautic vulnerable to Cross-site Scripting (XSS) - stored (edit form HTML field) Low
CVE-2024-47058 was published for mautic/core (Composer) Sep 18, 2024
lenonleite escopecz
Mautic vulnerable to XSS in contact/company tracking (no authentication) Moderate
CVE-2024-47050 was published for mautic/core (Composer) Sep 18, 2024
mqrtin patrykgruszka
lenonleite escopecz
The WP Custom Fields Search plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed
CVE-2024-8364 was published Sep 19, 2024
The MC4WP: Mailchimp for WordPress plugin for WordPress is vulnerable to Reflected Cross-Site... Moderate Unreviewed
CVE-2024-8850 was published Sep 19, 2024
Django Cross-site Scripting Vulnerability Moderate
CVE-2015-0220 was published for Django (pip) May 17, 2022
Django cross-site scripting (XSS) vulnerability in the AdminURLFieldWidget widget Moderate
CVE-2013-4249 was published for django (pip) May 17, 2022
auditor-bundle vulnerable to Cross-site Scripting because name of entity does not get escaped High
CVE-2024-45592 was published for damienharper/auditor-bundle (Composer) Sep 10, 2024
fkropfhamer
A vulnerability, which was classified as problematic, has been found in ClassCMS 4.8. Affected by... Moderate Unreviewed
CVE-2024-8145 was published Aug 25, 2024
Mautic vulnerable to cross-site scripting in notifications via saving Dashboards Moderate
CVE-2022-25774 was published for mautic/core (Composer) Apr 12, 2024
Vautia
Django XSS Vulnerability Moderate
CVE-2016-2512 was published for Django (pip) May 17, 2022
MarkLee131
Django cross-site scripting (XSS) vulnerability via is_safe_url function Moderate
CVE-2013-6044 was published for Django (pip) May 17, 2022
Django cross-site scripting (XSS) attack via user-supplied redirect URLs Moderate
CVE-2015-2317 was published for Django (pip) May 14, 2022
MarkLee131
Django vulnerable to XSS on 500 pages Moderate
CVE-2017-12794 was published for Django (pip) Jan 4, 2019
MarkLee131
Camaleon CMS vulnerable to stored XSS through user file upload (GHSL-2024-184) Moderate
GHSA-r9cr-qmfw-pmrc was published for camaleon_cms (RubyGems) Sep 18, 2024
texpert
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Critical Unreviewed
CVE-2024-6877 was published Sep 18, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Critical Unreviewed
CVE-2024-5959 was published Sep 18, 2024
Django Cross-site Scripting Vulnerability Moderate
CVE-2015-2241 was published for django (pip) May 17, 2022
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-43938 was published Sep 18, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-44008 was published Sep 18, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed
CVE-2024-43971 was published Sep 18, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-44049 was published Sep 18, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed
CVE-2024-43970 was published Sep 18, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-43972 was published Sep 18, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-43987 was published Sep 18, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-43993 was published Sep 18, 2024
ProTip! Advisories are also available from the GraphQL API