Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,198
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,702
NuGet
660
pip
3,328
Pub
11
RubyGems
883
Rust
843
Swift
36
Unreviewed advisories
All unreviewed
5,000+

29,092 advisories

Loading
Persistent and reflected XSS vulnerabilities in the themeMode cookie and _h URL parameter of... Moderate Unreviewed
CVE-2024-50601 was published Nov 12, 2024
Cross Site Scripting vulnerability in Online Shop Store v.1.0 allows a remote attacker to execute... Moderate Unreviewed
CVE-2024-51213 was published Nov 12, 2024
The NetAdmin IAM system (version 4.0.30319) has a Cross Site Scripting (XSS) vulnerability in the... Moderate Unreviewed
CVE-2024-51026 was published Nov 11, 2024
TRENDnet TEW-651BR 2.04B1, TEW-652BRP 3.04b01, and TEW-652BRU 1.00b12 devices contain a Store... Moderate Unreviewed
CVE-2024-51189 was published Nov 11, 2024
TRENDnet TEW-651BR 2.04B1, TEW-652BRP 3.04b01, and TEW-652BRU 1.00b12 devices contain a Store... Moderate Unreviewed
CVE-2024-51190 was published Nov 11, 2024
TRENDnet TEW-651BR 2.04B1, TEW-652BRP 3.04b01, and TEW-652BRU 1.00b12 devices contain a Store... Moderate Unreviewed
CVE-2024-51187 was published Nov 11, 2024
powertac-server XML External Entity vulnerability High
CVE-2024-51135 was published for org.powertac:server-interface (Maven) Nov 11, 2024
TRENDnet TEW-651BR 2.04B1, TEW-652BRP 3.04b01, and TEW-652BRU 1.00b12 devices contain a Store... Moderate Unreviewed
CVE-2024-51188 was published Nov 11, 2024
A vulnerability has been found in code-projects Job Recruitment 1.0 and classified as problematic... Moderate Unreviewed
CVE-2024-11078 was published Nov 11, 2024
A flaw was found in moodle. H5P error messages require additional sanitizing to prevent a... Moderate Unreviewed
CVE-2024-43439 was published Nov 11, 2024
IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to cross-site scripting. This... Moderate Unreviewed
CVE-2024-45087 was published Nov 11, 2024
IBM Maximo Asset Management 7.6.1.3 is vulnerable to stored cross-site scripting. This... Moderate Unreviewed
CVE-2024-45088 was published Nov 11, 2024
A Cross Site Scripting (XSS) vulnerability was found in /ums-sp/admin/registered-users.php in... Moderate Unreviewed
CVE-2024-50991 was published Nov 11, 2024
A Reflected Cross Site Scriptng (XSS) vulnerability was found in /omrs/user/search.php in... Moderate Unreviewed
CVE-2024-50990 was published Nov 11, 2024
A Cross Site Scriptng (XSS) vulnerability was found in /omrs/admin/search.php in PHPGurukul... Moderate Unreviewed
CVE-2024-51054 was published Nov 11, 2024
A vulnerability, which was classified as problematic, has been found in Sanluan PublicCMS 5... Moderate Unreviewed
CVE-2024-11070 was published Nov 11, 2024
Moodle Cross-site Scripting vulnerability Low
CVE-2024-43437 was published for moodle/moodle (Composer) Nov 11, 2024
Webopac from Grand Vice info has Stored Cross-site Scripting vulnerability. Remote attackers with... Moderate Unreviewed
CVE-2024-11021 was published Nov 11, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-52354 was published Nov 11, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-52350 was published Nov 11, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-52352 was published Nov 11, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-52351 was published Nov 11, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-52353 was published Nov 11, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-52355 was published Nov 11, 2024
Webopac from Grand Vice info has a Reflected Cross-site Scripting vulnerability, allowing... Moderate Unreviewed
CVE-2024-11019 was published Nov 11, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database