GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,974
Erlang
29
GitHub Actions
16
Go
1,763
Maven
4,988
npm
3,525
NuGet
615
pip
3,099
Pub
10
RubyGems
834
Rust
785
Swift
34
Unreviewed advisories
All unreviewed
5,000+
1,009 advisories
Cross-site Scripting (XSS) - Stored in GitHub repository stitionai/devika prior to -.
High
Unreviewed
CVE-2024-5711
was published
Jul 8, 2024
A 'Cross-site Scripting' (XSS) vulnerability, characterized by improper input neutralization...
High
Unreviewed
CVE-2023-41922
was published
Jul 2, 2024
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions...
High
Unreviewed
CVE-2024-36997
was published
Jul 1, 2024
IBM InfoSphere Information Server 11.7 is vulnerable to stored cross-site scripting. This...
High
Unreviewed
CVE-2024-28798
was published
Jun 30, 2024
Hitachi Vantara Pentaho Business Analytics Server prior to versions 10.1.0.0 and 9.3.0.7,...
High
Unreviewed
CVE-2024-28983
was published
Jun 27, 2024
Hitachi Vantara Pentaho Business Analytics Server prior to versions 10.1.0.0 and 9.3.0.7,...
High
Unreviewed
CVE-2024-28984
was published
Jun 27, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.9 prior to 16.11...
High
Unreviewed
CVE-2024-4901
was published
Jun 27, 2024
The Online Booking & Scheduling Calendar for WordPress by vcita plugin for WordPress is...
High
Unreviewed
CVE-2024-5791
was published
Jun 22, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-35766
was published
Jun 21, 2024
Stored Cross-Site Scripting (XSS) vulnerabilities have been identified in OpenText ArcSight...
High
Unreviewed
CVE-2024-4190
was published
Jun 11, 2024
SAP Financial Consolidation allows data to enter a Web application through an untrusted source....
High
Unreviewed
CVE-2024-37177
was published
Jun 11, 2024
ghtml Cross-Site Scripting (XSS) vulnerability
High
CVE-2024-37166
was published for ghtml (npm)
Jun 10, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-35697
was published
Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-35706
was published
Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-35694
was published
Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-35696
was published
Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-35679
was published
Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-35687
was published
Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-35693
was published
Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-35733
was published
Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-35718
was published
Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-35737
was published
Jun 8, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-35734
was published
Jun 8, 2024
ProTip! Advisories are also available from the GraphQL API.