GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,131
Erlang
29
GitHub Actions
19
Go
1,936
Maven
5,000+
npm
3,671
NuGet
642
pip
3,288
Pub
10
RubyGems
873
Rust
828
Swift
35
Unreviewed advisories
All unreviewed
5,000+
28,306 advisories
Filter by severity
DOM Clobbering Gadget found in astro's client-side router that leads to XSS
Moderate
CVE-2024-47885
was published
for
astro
(npm)
Oct 14, 2024
In Splunk Enterprise versions below 9.2.3 and 9.1.6 and Splunk Cloud Platform versions below 9.2...
Moderate
Unreviewed
CVE-2024-45741
was published
Oct 14, 2024
In Splunk Enterprise versions below 9.2.3 and 9.1.6 and Splunk Cloud Platform versions below 9.2...
Moderate
Unreviewed
CVE-2024-45740
was published
Oct 14, 2024
A vulnerability, which was classified as problematic, was found in SourceCodester Online Eyewear...
Moderate
Unreviewed
CVE-2024-9906
was published
Oct 13, 2024
The Category Icon plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File...
Moderate
Unreviewed
CVE-2024-8915
was published
Oct 12, 2024
The TablePress – Tables in WordPress made easy plugin for WordPress is vulnerable to Stored Cross...
Moderate
Unreviewed
CVE-2024-9595
was published
Oct 12, 2024
The Rescue Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
Moderate
Unreviewed
CVE-2024-9696
was published
Oct 12, 2024
The Social Sharing (by Danny) plugin for WordPress is vulnerable to Stored Cross-Site Scripting...
Moderate
Unreviewed
CVE-2024-9704
was published
Oct 12, 2024
The Forms for Mailchimp by Optin Cat – Grow Your MailChimp List plugin for WordPress is...
Moderate
Unreviewed
CVE-2024-7489
was published
Oct 12, 2024
The 2D Tag Cloud plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the...
Moderate
Unreviewed
CVE-2024-9670
was published
Oct 12, 2024
The Mynx Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG...
Moderate
Unreviewed
CVE-2024-9656
was published
Oct 12, 2024
The ImagePress – Image Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting...
Moderate
Unreviewed
CVE-2024-9776
was published
Oct 12, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-48041
was published
Oct 11, 2024
DOMpurify has a nesting-based mXSS
High
CVE-2024-47875
was published
for
dompurify
(npm)
Oct 11, 2024
The Embed videos and respect privacy plugin for WordPress is vulnerable to Reflected Cross-Site...
Moderate
Unreviewed
CVE-2024-9346
was published
Oct 11, 2024
The PublishPress Revisions: Duplicate Posts, Submit, Approve and Schedule Content Changes plugin...
Moderate
Unreviewed
CVE-2024-9436
was published
Oct 11, 2024
The PowerPress Podcasting plugin by Blubrry plugin for WordPress is vulnerable to Stored Cross...
Moderate
Unreviewed
CVE-2024-9543
was published
Oct 11, 2024
The Language Switcher plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to...
Moderate
Unreviewed
CVE-2024-9610
was published
Oct 11, 2024
The Increase upload file size & Maximum Execution Time limit plugin for WordPress is vulnerable...
Moderate
Unreviewed
CVE-2024-9611
was published
Oct 11, 2024
The BlockMeister – Block Pattern Builder plugin for WordPress is vulnerable to Reflected Cross...
Moderate
Unreviewed
CVE-2024-9616
was published
Oct 11, 2024
A vulnerability was found in 07FLYCMS, 07FLY-CMS and 07FlyCRM 1.3.8. It has been rated as...
Moderate
Unreviewed
CVE-2024-9856
was published
Oct 11, 2024
The WP Ultimate Post Grid plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...
Moderate
Unreviewed
CVE-2024-9051
was published
Oct 11, 2024
The FULL – Cliente plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to...
Moderate
Unreviewed
CVE-2024-9211
was published
Oct 11, 2024
The Tainacan plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use...
Moderate
Unreviewed
CVE-2024-9221
was published
Oct 11, 2024
The Download Plugins and Themes in ZIP from Dashboard plugin for WordPress is vulnerable to...
Moderate
Unreviewed
CVE-2024-9232
was published
Oct 11, 2024
ProTip!
Advisories are also available from the
GraphQL API