Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

104,540 advisories

Loading
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2023-52175 was published Feb 1, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2023-52193 was published Feb 1, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2023-52191 was published Feb 1, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2023-52188 was published Feb 1, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2023-52189 was published Feb 1, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2023-52192 was published Feb 1, 2024
Payment EX Ver1.1.5b and earlier allows a remote unauthenticated attacker to obtain the... Moderate Unreviewed
CVE-2024-24548 was published Feb 1, 2024
Cross-site scripting vulnerability exists in Group Office prior to v6.6.182, prior to v6.7.64 and... Moderate Unreviewed
CVE-2024-23941 was published Feb 1, 2024
The Advanced iFrame plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed
CVE-2023-7069 was published Feb 1, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-22150 was published Jan 31, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-22153 was published Jan 31, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-22146 was published Jan 31, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-22158 was published Jan 31, 2024
A vulnerability, which was classified as problematic, has been found in SourceCodester QR Code... Moderate Unreviewed
CVE-2024-1111 was published Jan 31, 2024
In Zscaler Internet Access (ZIA) a mismatch between Connect Host and Client Hello's Server Name... Moderate Unreviewed
CVE-2023-28807 was published Jan 31, 2024
A vulnerability, which was classified as critical, was found in openBI up to 1.0.8. This affects... Moderate Unreviewed
CVE-2024-1113 was published Jan 31, 2024
A vulnerability has been found in openBI up to 1.0.8 and classified as critical. This... Moderate Unreviewed
CVE-2024-1114 was published Jan 31, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-22297 was published Jan 31, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-22292 was published Jan 31, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-22295 was published Jan 31, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-22310 was published Jan 31, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-22302 was published Jan 31, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-22306 was published Jan 31, 2024
Pega Platform from 8.5.4 to 8.8.3 is affected by an XSS issue with an unauthenticated user and... Moderate Unreviewed
CVE-2023-50166 was published Jan 31, 2024
An attacker could potentially exploit this vulnerability, leading to files being read from the... Moderate Unreviewed
CVE-2023-5390 was published Jan 31, 2024
ProTip! Advisories are also available from the GraphQL API