Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

1,337 advisories

Loading
Stored cross-site scripting (XSS) vulnerability due to missing origin validation in postMessage.... Low Unreviewed
CVE-2023-48679 was published Feb 27, 2024
A vulnerability classified as problematic has been found in PHPGurukul Tourism Management System... Low Unreviewed
CVE-2024-1822 was published Feb 23, 2024
A vulnerability, which was classified as problematic, has been found in Bdtask Bhojon Best... Low Unreviewed
CVE-2024-1749 was published Feb 22, 2024
Concrete CMS vulnerable to stored XSS in file tags and description attributes Low
CVE-2024-1245 was published for concrete5/concrete5 (Composer) Feb 9, 2024
Concrete CMS vulnerable to reflected XSS via the Image URL Import Feature Low
CVE-2024-1246 was published for concrete5/concrete5 (Composer) Feb 9, 2024
Concrete CMS vulnerable to stored XSS via the Role Name field Low
CVE-2024-1247 was published for concrete5/concrete5 (Composer) Feb 9, 2024
A vulnerability has been found in SourceCodester Product Management System 1.0 and classified as... Low Unreviewed
CVE-2024-1269 was published Feb 7, 2024
A vulnerability classified as problematic was found in CodeAstro University Management System 1.0... Low Unreviewed
CVE-2024-1266 was published Feb 7, 2024
A vulnerability classified as problematic has been found in CodeAstro University Management... Low Unreviewed
CVE-2024-1265 was published Feb 7, 2024
Sulu HTML Injection via Autocomplete Suggestion Low
CVE-2024-24807 was published for sulu/sulu (Composer) Feb 5, 2024
A cross-site scripting (XSS) vulnerability in the Web Reports component of HCL BigFix Platform... Low Unreviewed
CVE-2024-23553 was published Feb 2, 2024
A vulnerability, which was classified as problematic, was found in CodeAstro Simple Student... Low Unreviewed
CVE-2024-1022 was published Jan 30, 2024
A vulnerability classified as problematic has been found in PbootCMS 3.2.5-20230421. Affected is... Low Unreviewed
CVE-2024-1018 was published Jan 29, 2024
A vulnerability, which was classified as problematic, has been found in NetBox up to 3.7.0. This... Low Unreviewed
CVE-2024-0948 was published Jan 27, 2024
A vulnerability, which was classified as problematic, has been found in go4rayyan Scumblr up to 2... Low Unreviewed
CVE-2016-15037 was published Jan 21, 2024
A vulnerability, which was classified as problematic, has been found in liuwy-dlsdys zhglxt 4.7.7... Low Unreviewed
CVE-2024-0718 was published Jan 19, 2024
Cross-site Scripting in the tag name pattern field in the tag protections UI in GitHub Enterprise... Low Unreviewed
CVE-2023-51381 was published Jan 16, 2024
A vulnerability, which was classified as problematic, was found in DedeBIZ 6.3.0. This affects an... Low Unreviewed
CVE-2024-0557 was published Jan 15, 2024
A vulnerability has been found in SourceCodester House Rental Management System 1.0 and... Low Unreviewed
CVE-2024-0501 was published Jan 13, 2024
A vulnerability, which was classified as problematic, has been found in SourceCodester House... Low Unreviewed
CVE-2024-0499 was published Jan 13, 2024
A vulnerability, which was classified as problematic, was found in SourceCodester House Rental... Low Unreviewed
CVE-2024-0500 was published Jan 13, 2024
A vulnerability, which was classified as problematic, was found in Blood Bank & Donor Management... Low Unreviewed
CVE-2024-0476 was published Jan 13, 2024
A vulnerability was found in Online Job Portal 1.0 and classified as problematic. Affected by... Low Unreviewed
CVE-2024-0262 was published Jan 7, 2024
Duplicate Advisory: govuk_tech_docs vulnerable to unescaped HTML on search results page Low
GHSA-4mvm-xh8j-fv27 was published for govuk_tech_docs (RubyGems) Jan 4, 2024 withdrawn
A vulnerability has been found in Zimbra zm-ajax up to 8.8.1 and classified as problematic.... Low Unreviewed
CVE-2017-20188 was published Jan 2, 2024
ProTip! Advisories are also available from the GraphQL API