GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,094
Erlang
29
GitHub Actions
19
Go
1,920
Maven
5,000+
npm
3,648
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
822
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
105,009 advisories
Filter by severity
The Relogo plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads...
Moderate
Unreviewed
CVE-2024-9269
was published
Oct 1, 2024
The RumbleTalk Live Group Chat – HTML5 plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate
Unreviewed
CVE-2024-8720
was published
Oct 1, 2024
The Easy Load More plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to...
Moderate
Unreviewed
CVE-2024-8728
was published
Oct 1, 2024
The Free Responsive Testimonials, Social Proof Reviews, and Customer Reviews – Stars Testimonials...
Moderate
Unreviewed
CVE-2024-8989
was published
Oct 1, 2024
The R Animated Icon Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...
Moderate
Unreviewed
CVE-2024-9272
was published
Oct 1, 2024
The Geo Mashup plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's...
Moderate
Unreviewed
CVE-2024-8990
was published
Oct 1, 2024
The SVG Complete plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File...
Moderate
Unreviewed
CVE-2024-9119
was published
Oct 1, 2024
The Soumettre.fr plugin for WordPress is vulnerable to unauthorized modification of data due to a...
Moderate
Unreviewed
CVE-2024-8675
was published
Oct 1, 2024
The KB Support – WordPress Help Desk and Knowledge Base plugin for WordPress is vulnerable to...
Moderate
Unreviewed
CVE-2024-8632
was published
Oct 1, 2024
The Gravity Forms Toolbar plugin for WordPress is vulnerable to Reflected Cross-Site Scripting...
Moderate
Unreviewed
CVE-2024-8718
was published
Oct 1, 2024
The Slider Revolution plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG...
Moderate
Unreviewed
CVE-2024-8107
was published
Oct 1, 2024
NVIDIA Triton Inference Server contains a vulnerability where a user may cause an out-of-bounds...
Moderate
Unreviewed
CVE-2024-0116
was published
Oct 1, 2024
A vulnerability has been found in ThingsBoard up to 3.7.0 and classified as problematic. Affected...
Moderate
Unreviewed
CVE-2024-9358
was published
Oct 1, 2024
A vulnerability was found in code-projects Restaurant Reservation System 1.0. It has been...
Moderate
Unreviewed
CVE-2024-9360
was published
Oct 1, 2024
A vulnerability was found in code-projects Restaurant Reservation System 1.0 and classified as...
Moderate
Unreviewed
CVE-2024-9359
was published
Oct 1, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-47396
was published
Oct 1, 2024
IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to stored cross-site scripting. This...
Moderate
Unreviewed
CVE-2024-45073
was published
Oct 1, 2024
An issue was discovered in Infinera hiT 7300 5.60.50. Cleartext storage of sensitive information...
Moderate
Unreviewed
CVE-2024-28807
was published
Sep 30, 2024
An issue was discovered in Infinera hiT 7300 5.60.50. Sensitive information inside diagnostic...
Moderate
Unreviewed
CVE-2024-28810
was published
Sep 30, 2024
TP-Link Tapo P125M and Kasa KP125M v1.0.3 was discovered to improperly validate certificates,...
Moderate
Unreviewed
CVE-2024-46548
was published
Sep 30, 2024
Giflib Project v5.2.2 is vulnerable to a heap buffer overflow via gif2rgb.
Moderate
Unreviewed
CVE-2024-45993
was published
Sep 30, 2024
A remote code execution (RCE) vulnerability in the component /admin/store.php of Emlog Pro before...
Moderate
Unreviewed
CVE-2024-46540
was published
Sep 30, 2024
A reflected cross-site scripting (XSS) vulnerability on the homepage of Metronic Admin Dashboard...
Moderate
Unreviewed
CVE-2024-46475
was published
Sep 30, 2024
Cross Application Scripting vulnerability in Vercom S.A. Redlink SDK in specific situations...
Moderate
Unreviewed
CVE-2024-6051
was published
Sep 30, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-47641
was published
Sep 30, 2024
ProTip!
Advisories are also available from the
GraphQL API