Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,974
Erlang
29
GitHub Actions
16
Go
1,763
Maven
4,988
npm
3,525
NuGet
615
pip
3,099
Pub
10
RubyGems
834
Rust
785
Swift
34
Unreviewed advisories
All unreviewed
5,000+

1,009 advisories

Loading
Azure DevOps Server Spoofing Vulnerability High Unreviewed
CVE-2024-35266 was published Jul 9, 2024
Azure DevOps Server Spoofing Vulnerability High Unreviewed
CVE-2024-35267 was published Jul 9, 2024
Cross-site Scripting (XSS) - Stored in GitHub repository stitionai/devika prior to -. High Unreviewed
CVE-2024-5711 was published Jul 8, 2024
A 'Cross-site Scripting' (XSS) vulnerability, characterized by improper input neutralization... High Unreviewed
CVE-2023-41922 was published Jul 2, 2024
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions... High Unreviewed
CVE-2024-36997 was published Jul 1, 2024
IBM InfoSphere Information Server 11.7 is vulnerable to stored cross-site scripting. This... High Unreviewed
CVE-2024-28798 was published Jun 30, 2024
Hitachi Vantara Pentaho Business Analytics Server prior to versions 10.1.0.0 and 9.3.0.7,... High Unreviewed
CVE-2024-28983 was published Jun 27, 2024
Hitachi Vantara Pentaho Business Analytics Server prior to versions 10.1.0.0 and 9.3.0.7,... High Unreviewed
CVE-2024-28984 was published Jun 27, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.9 prior to 16.11... High Unreviewed
CVE-2024-4901 was published Jun 27, 2024
The Online Booking & Scheduling Calendar for WordPress by vcita plugin for WordPress is... High Unreviewed
CVE-2024-5791 was published Jun 22, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed
CVE-2024-35766 was published Jun 21, 2024
Stored Cross-Site Scripting (XSS) vulnerabilities have been identified in OpenText ArcSight... High Unreviewed
CVE-2024-4190 was published Jun 11, 2024
SAP Financial Consolidation allows data to enter a Web application through an untrusted source.... High Unreviewed
CVE-2024-37177 was published Jun 11, 2024
ghtml Cross-Site Scripting (XSS) vulnerability High
CVE-2024-37166 was published for ghtml (npm) Jun 10, 2024
lirantal
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed
CVE-2024-35697 was published Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed
CVE-2024-35706 was published Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed
CVE-2024-35694 was published Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed
CVE-2024-35696 was published Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed
CVE-2024-35679 was published Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed
CVE-2024-35687 was published Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed
CVE-2024-35693 was published Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed
CVE-2024-35733 was published Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed
CVE-2024-35718 was published Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed
CVE-2024-35737 was published Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed
CVE-2024-35734 was published Jun 8, 2024
ProTip! Advisories are also available from the GraphQL API