Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,131
Erlang
29
GitHub Actions
19
Go
1,936
Maven
5,000+
npm
3,671
NuGet
642
pip
3,288
Pub
10
RubyGems
873
Rust
828
Swift
35
Unreviewed advisories
All unreviewed
5,000+

28,306 advisories

Loading
DOM Clobbering Gadget found in astro's client-side router that leads to XSS Moderate
CVE-2024-47885 was published for astro (npm) Oct 14, 2024
jackfromeast ishmeals
In Splunk Enterprise versions below 9.2.3 and 9.1.6 and Splunk Cloud Platform versions below 9.2... Moderate Unreviewed
CVE-2024-45741 was published Oct 14, 2024
In Splunk Enterprise versions below 9.2.3 and 9.1.6 and Splunk Cloud Platform versions below 9.2... Moderate Unreviewed
CVE-2024-45740 was published Oct 14, 2024
A vulnerability, which was classified as problematic, was found in SourceCodester Online Eyewear... Moderate Unreviewed
CVE-2024-9906 was published Oct 13, 2024
The Category Icon plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File... Moderate Unreviewed
CVE-2024-8915 was published Oct 12, 2024
The TablePress – Tables in WordPress made easy plugin for WordPress is vulnerable to Stored Cross... Moderate Unreviewed
CVE-2024-9595 was published Oct 12, 2024
The Rescue Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed
CVE-2024-9696 was published Oct 12, 2024
The Social Sharing (by Danny) plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed
CVE-2024-9704 was published Oct 12, 2024
The Forms for Mailchimp by Optin Cat – Grow Your MailChimp List plugin for WordPress is... Moderate Unreviewed
CVE-2024-7489 was published Oct 12, 2024
The 2D Tag Cloud plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the... Moderate Unreviewed
CVE-2024-9670 was published Oct 12, 2024
The Mynx Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG... Moderate Unreviewed
CVE-2024-9656 was published Oct 12, 2024
The ImagePress – Image Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed
CVE-2024-9776 was published Oct 12, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-48041 was published Oct 11, 2024
DOMpurify has a nesting-based mXSS High
CVE-2024-47875 was published for dompurify (npm) Oct 11, 2024
bastien-roucaries eslerm
The Embed videos and respect privacy plugin for WordPress is vulnerable to Reflected Cross-Site... Moderate Unreviewed
CVE-2024-9346 was published Oct 11, 2024
The PublishPress Revisions: Duplicate Posts, Submit, Approve and Schedule Content Changes plugin... Moderate Unreviewed
CVE-2024-9436 was published Oct 11, 2024
The PowerPress Podcasting plugin by Blubrry plugin for WordPress is vulnerable to Stored Cross... Moderate Unreviewed
CVE-2024-9543 was published Oct 11, 2024
The Language Switcher plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to... Moderate Unreviewed
CVE-2024-9610 was published Oct 11, 2024
The Increase upload file size & Maximum Execution Time limit plugin for WordPress is vulnerable... Moderate Unreviewed
CVE-2024-9611 was published Oct 11, 2024
The BlockMeister – Block Pattern Builder plugin for WordPress is vulnerable to Reflected Cross... Moderate Unreviewed
CVE-2024-9616 was published Oct 11, 2024
A vulnerability was found in 07FLYCMS, 07FLY-CMS and 07FlyCRM 1.3.8. It has been rated as... Moderate Unreviewed
CVE-2024-9856 was published Oct 11, 2024
The WP Ultimate Post Grid plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed
CVE-2024-9051 was published Oct 11, 2024
The FULL – Cliente plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to... Moderate Unreviewed
CVE-2024-9211 was published Oct 11, 2024
The Tainacan plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use... Moderate Unreviewed
CVE-2024-9221 was published Oct 11, 2024
The Download Plugins and Themes in ZIP from Dashboard plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-9232 was published Oct 11, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database