GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,146
Composer 4,333
Erlang 31
GitHub Actions 22
Go 2,095
Maven 5,265
npm 3,762
NuGet 678
pip 3,446
Pub 12
RubyGems 892
Rust 882
Swift 37

Unreviewed advisories

All unreviewed 242,580

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

118 advisories

Filter by severity

Sort by

Least recently updated

IBM Control Center 6.2.1 and 6.3.1 could allow a remote attacker to obtain sensitive... Moderate Unreviewed

CVE-2024-35112 was published Jan 25, 2025

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in... Moderate Unreviewed

CVE-2025-24678 was published Jan 24, 2025

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in... Moderate Unreviewed

CVE-2025-24673 was published Jan 24, 2025

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in... Moderate Unreviewed

CVE-2025-23919 was published Jan 16, 2025

IBM Cognos Analytics 11.2.0 through 11.2.4 and 12.0.0 through 12.0.3 is vulnerable to HTML... Moderate Unreviewed

CVE-2024-41752 was published Dec 18, 2024

The Learning Management System, eLearning, Course Builder, WordPress LMS Plugin – Sikshya LMS... Moderate Unreviewed

CVE-2024-12127 was published Dec 17, 2024

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in... Moderate Unreviewed

CVE-2024-54223 was published Dec 9, 2024

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in... Moderate Unreviewed

CVE-2023-47869 was published Dec 9, 2024

A vulnerability in the web-based interface of Cisco Webex Teams could allow an authenticated... Moderate Unreviewed

CVE-2020-26067 was published Nov 18, 2024

The Mapster WP Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2024-10592 was published Nov 16, 2024

A vulnerability in the web-based interface of Cisco Webex Meetings could allow an... Moderate Unreviewed

CVE-2022-20654 was published Nov 15, 2024

The WP-Strava plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin... Moderate Unreviewed

CVE-2024-10038 was published Nov 13, 2024

The Simple Shortcode for Google Maps plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2024-10621 was published Nov 8, 2024

A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure... Moderate Unreviewed

CVE-2024-20504 was published Nov 6, 2024

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in... Moderate Unreviewed

CVE-2024-9147 was published Nov 4, 2024

The SEUR Oficial plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2024-9438 was published Oct 29, 2024

A vulnerability in the VPN web client services feature of Cisco Adaptive Security Appliance (ASA)... Moderate Unreviewed

CVE-2024-20382 was published Oct 23, 2024

A vulnerability in the VPN web client services feature of Cisco Adaptive Security Appliance (ASA)... Moderate Unreviewed

CVE-2024-20341 was published Oct 23, 2024

A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone... Moderate Unreviewed

CVE-2024-20460 was published Oct 16, 2024

A stored cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IQ... Moderate Unreviewed

CVE-2024-47139 was published Oct 16, 2024

There is an HTML injection vulnerability in Esri Portal for ArcGIS versions 11.0 and below that... Moderate Unreviewed

CVE-2024-38039 was published Oct 4, 2024

The Store Hours for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site... Moderate Unreviewed

CVE-2024-8872 was published Sep 26, 2024

The MC4WP: Mailchimp for WordPress plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2024-8680 was published Sep 21, 2024

XSS in the view page with the SLA column configured in Checkmk versions prior to 2.3.0p14, 2.2... Moderate Unreviewed

CVE-2024-38859 was published Aug 26, 2024

A vulnerability, which was classified as problematic, has been found in ClassCMS 4.8. Affected by... Moderate Unreviewed

CVE-2024-8145 was published Aug 25, 2024

Previous 1 2 3 4 5 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

118 advisories