GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,794
Composer 4,248
Erlang 31
GitHub Actions 21
Go 2,017
Maven 5,202
npm 3,722
NuGet 662
pip 3,400
Pub 11
RubyGems 890
Rust 857
Swift 36

Unreviewed advisories

All unreviewed 236,317

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

29,689 advisories

Filter by severity

Sort by

Least recently updated

The Email Address Obfuscation plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed

CVE-2024-11935 was published Dec 4, 2024

Reflected Cross site scripting vulnerability in Convert Forms component for Joomla in versions... Moderate Unreviewed

CVE-2024-40745 was published Dec 4, 2024

The B Testimonial – testimonial plugin for WP plugin for WordPress is vulnerable to Stored Cross... Moderate Unreviewed

CVE-2024-11880 was published Dec 4, 2024

The WPBITS Addons For Elementor Page Builder plugin for WordPress is vulnerable to Stored Cross... Moderate Unreviewed

CVE-2024-8962 was published Dec 4, 2024

Multiple plugins for WordPress are vulnerable to Stored Cross-Site Scripting via the plugin's... Moderate Unreviewed

CVE-2024-5020 was published Dec 4, 2024

The Additional Custom Order Status for WooCommerce plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2024-11814 was published Dec 4, 2024

The Listdom – Business Directory and Classified Ads Listings WordPress Plugin plugin for... Moderate Unreviewed

CVE-2024-11854 was published Dec 4, 2024

The WP eCards plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ... Moderate Unreviewed

CVE-2024-11903 was published Dec 4, 2024

The Intro Tour Tutorial DeepPresentation plugin for WordPress is vulnerable to Reflected Cross... Moderate Unreviewed

CVE-2024-11466 was published Dec 4, 2024

The SolarWinds Platform was susceptible to a XSS vulnerability that affects the search and node... High Unreviewed

CVE-2024-45717 was published Dec 4, 2024

The WP Job Manager – Company Profiles plugin for WordPress is vulnerable to Reflected Cross-Site... Moderate Unreviewed

CVE-2023-6978 was published Dec 4, 2024

The Flower Delivery by Florist One plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2024-11769 was published Dec 4, 2024

An issue was discovered in Veritas NetBackup before 10.5. This only applies to NetBackup... High Unreviewed

CVE-2024-54664 was published Dec 4, 2024

The SearchIQ – The Search Solution plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2024-10885 was published Dec 4, 2024

The NPS computy plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2024-11807 was published Dec 4, 2024

The SG Helper plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File... Moderate Unreviewed

CVE-2024-11093 was published Dec 4, 2024

The Contact Form, Survey & Form Builder – MightyForms plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2024-11897 was published Dec 4, 2024

The Responsive Videos plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2024-11747 was published Dec 4, 2024

A HTML Injection vulnerability was identified in Issuetrak version 17.1 that could be triggered... Moderate Unreviewed

CVE-2024-11479 was published Dec 4, 2024

A vulnerability in the HPE Aruba Networking ClearPass Policy Manager web-based management... Moderate Unreviewed

CVE-2024-51773 was published Dec 3, 2024

Mobile Security Framework (MobSF) Stored Cross-Site Scripting Vulnerability in "Diff or Compare" Functionality Moderate

CVE-2024-53999 was published for mobsf (pip) Dec 3, 2024

Vitess allows HTML injection in /debug/querylogz & /debug/env Moderate

CVE-2024-53257 was published for vitess.io/vitess (Go) Dec 3, 2024

The Goodlayers Core plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2024-11200 was published Dec 3, 2024

The WP Mailster plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin... Moderate Unreviewed

CVE-2024-11782 was published Dec 3, 2024

The Campaign Monitor Forms by Optin Cat plugin for WordPress is vulnerable to Reflected Cross... Moderate Unreviewed

CVE-2024-11326 was published Dec 3, 2024

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

29,689 advisories