Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,131
Erlang
29
GitHub Actions
19
Go
1,936
Maven
5,000+
npm
3,671
NuGet
642
pip
3,288
Pub
10
RubyGems
873
Rust
828
Swift
35
Unreviewed advisories
All unreviewed
5,000+

28,307 advisories

Loading
SAP NetWeaver Enterprise Portal (KMC) does not sufficiently encode user-controlled inputs,... Moderate Unreviewed
CVE-2024-47594 was published Oct 8, 2024
A reflected cross-site scripting (XSS) vulnerability in Elaine's Realtime CRM Automation v6.18.17... Moderate Unreviewed
CVE-2024-42831 was published Oct 7, 2024
Teedy 1.11 is vulnerable to Cross Site Scripting (XSS) via the management console. High Unreviewed
CVE-2024-46278 was published Oct 7, 2024
itsourcecode Placement Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via the... Moderate Unreviewed
CVE-2024-46300 was published Oct 7, 2024
LimeSurvey Cross Site Scripting vulnerability Moderate
CVE-2024-28710 was published for limesurvey/limesurvey (Composer) Oct 7, 2024
LimeSurvey Cross Site Scripting vulnerability Moderate
CVE-2024-28709 was published for limesurvey/limesurvey (Composer) Oct 7, 2024
Krayin CRM vulnerable to Cross Site Scripting (XSS) via the organization name Moderate
CVE-2024-45932 was published for krayin/laravel-crm (Composer) Oct 7, 2024
PhpSpreadsheet HTML writer is vulnerable to Cross-Site Scripting via JavaScript hyperlinks Moderate
CVE-2024-45292 was published for phpoffice/phpspreadsheet (Composer) Oct 7, 2024
emilvirkki
Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site... Moderate Unreviewed
CVE-2024-45153 was published Oct 7, 2024
Cross-Site Scripting (XSS) vulnerability in SOPlanning <1.45, due to lack of proper validation of... Moderate Unreviewed
CVE-2024-9571 was published Oct 7, 2024
Cross-Site Scripting (XSS) vulnerability in SOPlanning <1.45, due to lack of proper validation of... Moderate Unreviewed
CVE-2024-9572 was published Oct 7, 2024
Saltcorn Server Stored Cross-Site Scripting (XSS) in event logs page Moderate
GHSA-pf56-h9qf-rxq4 was published for @saltcorn/server (npm) Oct 7, 2024
dellalibera
Lara-zeus Dynamic Dashboard and Artemis do not validate paragraph widget values which can be used for XSS Moderate
CVE-2024-47817 was published for lara-zeus/artemis (Composer) Oct 7, 2024
sharmaraghs
PhpSpreadsheet has an Unauthenticated Cross-Site-Scripting (XSS) in sample file Moderate
CVE-2024-45060 was published for phpoffice/phpspreadsheet (Composer) Oct 7, 2024
stealthcopter
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-44032 was published Oct 6, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-44033 was published Oct 6, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-44026 was published Oct 6, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-44027 was published Oct 6, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-44035 was published Oct 6, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-44040 was published Oct 6, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-44036 was published Oct 6, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-44037 was published Oct 6, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-44039 was published Oct 6, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-47650 was published Oct 6, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed
CVE-2024-44029 was published Oct 6, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database