Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,454
Erlang
33
GitHub Actions
22
Go
2,153
Maven
5,000+
npm
3,818
NuGet
693
pip
3,492
Pub
12
RubyGems
902
Rust
903
Swift
38
Unreviewed advisories
All unreviewed
5,000+

124,937 advisories

Loading
The Geo Mashup plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's... Moderate Unreviewed
CVE-2024-8990 was published Oct 1, 2024
The Easy Load More plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to... Moderate Unreviewed
CVE-2024-8728 was published Oct 1, 2024
The SVG Complete plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File... Moderate Unreviewed
CVE-2024-9119 was published Oct 1, 2024
The DK PDF plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of... Moderate Unreviewed
CVE-2024-8727 was published Oct 1, 2024
The Free Responsive Testimonials, Social Proof Reviews, and Customer Reviews – Stars Testimonials... Moderate Unreviewed
CVE-2024-8989 was published Oct 1, 2024
The Easy WordPress Subscribe – Optin Hound plugin for WordPress is vulnerable to Reflected Cross... Moderate Unreviewed
CVE-2024-9267 was published Oct 1, 2024
The RumbleTalk Live Group Chat – HTML5 plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2024-8720 was published Oct 1, 2024
The Relogo plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads... Moderate Unreviewed
CVE-2024-9269 was published Oct 1, 2024
The Soumettre.fr plugin for WordPress is vulnerable to unauthorized modification of data due to a... Moderate Unreviewed
CVE-2024-8675 was published Oct 1, 2024
The Gravity Forms Toolbar plugin for WordPress is vulnerable to Reflected Cross-Site Scripting... Moderate Unreviewed
CVE-2024-8718 was published Oct 1, 2024
The KB Support – WordPress Help Desk and Knowledge Base plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-8632 was published Oct 1, 2024
The Slider Revolution plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG... Moderate Unreviewed
CVE-2024-8107 was published Oct 1, 2024
git-shallow-clone Argument Injection vulnerability Moderate
CVE-2024-21531 was published for git-shallow-clone (npm) Oct 1, 2024
DSimsek000
NVIDIA Triton Inference Server contains a vulnerability where a user may cause an out-of-bounds... Moderate Unreviewed
CVE-2024-0116 was published Oct 1, 2024
A vulnerability has been found in ThingsBoard up to 3.7.0 and classified as problematic. Affected... Moderate Unreviewed
CVE-2024-9358 was published Oct 1, 2024
A vulnerability was found in code-projects Restaurant Reservation System 1.0 and classified as... Moderate Unreviewed
CVE-2024-9359 was published Oct 1, 2024
A vulnerability was found in code-projects Restaurant Reservation System 1.0. It has been... Moderate Unreviewed
CVE-2024-9360 was published Oct 1, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-47396 was published Oct 1, 2024
IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to stored cross-site scripting. This... Moderate Unreviewed
CVE-2024-45073 was published Oct 1, 2024
An issue was discovered in Infinera hiT 7300 5.60.50. Cleartext storage of sensitive information... Moderate Unreviewed
CVE-2024-28807 was published Sep 30, 2024
An issue was discovered in Infinera hiT 7300 5.60.50. Sensitive information inside diagnostic... Moderate Unreviewed
CVE-2024-28810 was published Sep 30, 2024
An issue in the API endpoint /AccountMaster/GetCurrentUserInfo of INROAD before v202402060 allows... Moderate Unreviewed
CVE-2024-46635 was published Sep 30, 2024
A remote code execution (RCE) vulnerability in the component /admin/store.php of Emlog Pro before... Moderate Unreviewed
CVE-2024-46540 was published Sep 30, 2024
A reflected cross-site scripting (XSS) vulnerability on the homepage of Metronic Admin Dashboard... Moderate Unreviewed
CVE-2024-46475 was published Sep 30, 2024
An Information Disclosure vulnerability in the Telemetry component in TP-Link Kasa KP125M V1.0.0... Moderate Unreviewed
CVE-2024-35495 was published Sep 30, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database