GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
94 advisories
Filter by severity
The MC4WP: Mailchimp for WordPress plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate
Unreviewed
CVE-2024-8680
was published
Sep 21, 2024
A vulnerability, which was classified as problematic, has been found in ClassCMS 4.8. Affected by...
Moderate
Unreviewed
CVE-2024-8145
was published
Aug 25, 2024
Priority - CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
Moderate
Unreviewed
CVE-2024-41697
was published
Aug 20, 2024
Stored XSS in Checkmk before versions 2.3.0p8, 2.2.0p29, 2.1.0p45, and 2.0.0 (EOL) allows users...
Moderate
Unreviewed
CVE-2024-6052
was published
Jul 3, 2024
Enhavo v0.13.1 was discovered to contain an HTML injection vulnerability in the Author text field...
Moderate
Unreviewed
CVE-2024-25873
was published
Feb 22, 2024
XSS in the view page with the SLA column configured in Checkmk versions prior to 2.3.0p14, 2.2...
Moderate
Unreviewed
CVE-2024-38859
was published
Aug 26, 2024
The Responsive video plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
Moderate
Unreviewed
CVE-2024-7629
was published
Aug 21, 2024
A vulnerability classified as problematic has been found in EZ-Suite EZ-Partner 5. Affected is an...
Moderate
Unreviewed
CVE-2024-6183
was published
Jun 20, 2024
Stored XSS in inventory tree rendering in Checkmk before 2.3.0p7, 2.2.0p28, 2.1.0p45 and 2.0.0 (EOL)
Moderate
Unreviewed
CVE-2024-5741
was published
Jun 17, 2024
Mashov - CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
Moderate
Unreviewed
CVE-2024-41693
was published
Jul 30, 2024
Cross Site Scripting vulnerability in Eskooly Web Product v.3.0 and before allows a remote...
Moderate
Unreviewed
CVE-2024-27716
was published
Jul 5, 2024
Cross Site Scripting vulnerability in Anchor CMS v.0.12.7 allows a remote attacker to execute...
Moderate
Unreviewed
CVE-2024-37732
was published
Jun 24, 2024
zhimengzhe iBarn v1.5 was discovered to contain a reflected cross-site scripting (XSS)...
Moderate
Unreviewed
CVE-2024-38469
was published
Jun 17, 2024
A cross-site scripting (XSS) vulnerability in the Settings section of WonderCMS v3.4.3 allows...
Moderate
Unreviewed
CVE-2024-32746
was published
Apr 17, 2024
Webedition CMS 9.2.2.0 has a Stored XSS vulnerability via /webEdition/we_cmd.php.
Moderate
Unreviewed
CVE-2024-28417
was published
Mar 14, 2024
Cross Site Scripting vulnerability in Insurance Mangement System v.1.0.0 and before allows a...
Moderate
Unreviewed
CVE-2024-31062
was published
Mar 28, 2024
An issue was discovered in Roundcube Webmail before 1.3.12 and 1.4.x before 1.4.5. There is XSS...
Moderate
Unreviewed
CVE-2020-13965
was published
May 24, 2022
Stored XSS in the Crash Report page in Checkmk before versions 2.3.0p7, 2.2.0p28, 2.1.0p45, and 2...
Moderate
Unreviewed
CVE-2024-28832
was published
Jun 25, 2024
Stored XSS in some confirmation pop-ups in Checkmk before versions 2.3.0p7 and 2.2.0p28 allows...
Moderate
Unreviewed
CVE-2024-28831
was published
Jun 25, 2024
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in...
Moderate
Unreviewed
CVE-2022-38055
was published
Jun 21, 2024
A vulnerability was found in Genexis Tilgin Home Gateway 322_AS0500-03_05_13_05. It has been...
Moderate
Unreviewed
CVE-2024-6108
was published
Jun 18, 2024
Verint - CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
Moderate
Unreviewed
CVE-2024-36395
was published
Jun 13, 2024
A vulnerability classified as problematic has been found in playSMS up to 1.4.7. Affected is an...
Moderate
Unreviewed
CVE-2024-5851
was published
Jun 11, 2024
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in...
Moderate
Unreviewed
CVE-2023-47513
was published
Jun 4, 2024
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in...
Moderate
Unreviewed
CVE-2023-48285
was published
Jun 4, 2024
ProTip!
Advisories are also available from the
GraphQL API