GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,902
Maven
5,000+
npm
3,631
NuGet
638
pip
3,246
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
27,829 advisories
Filter by severity
Wire UI has a JS XSS Vulnerability on route /wireui/button?label=Content
Moderate
CVE-2024-45803
was published
for
wireui/wireui
(Composer)
Sep 17, 2024
Improper neutralization of input in Checkmk before versions 2.3.0p16 and 2.2.0p34 allows...
Moderate
Unreviewed
CVE-2024-38860
was published
Sep 17, 2024
Contao affected by insert tag injection via canonical URL
Moderate
CVE-2024-45612
was published
for
contao/core-bundle
(Composer)
Sep 17, 2024
Concrete CMS Stored XSS in the "Next&Previous Nav" block
Moderate
CVE-2024-8661
was published
for
concrete5/concrete5
(Composer)
Sep 16, 2024
Decidim::Admin vulnerable to cross-site scripting (XSS) in the admin panel with QuillJS WYSWYG editor
Moderate
CVE-2024-39910
was published
for
decidim
(RubyGems)
Sep 16, 2024
Decidim::Admin vulnerable to cross-site scripting (XSS) in the admin activity log
Moderate
CVE-2024-32034
was published
for
decidim-admin
(RubyGems)
Sep 16, 2024
In JetBrains IntelliJ IDEA before 2024.1 hTML injection via the project name was possible
Low
Unreviewed
CVE-2024-46970
was published
Sep 16, 2024
SmartRobot from INTUMIT does not properly validate a specific page parameter, allowing...
Moderate
Unreviewed
CVE-2024-8776
was published
Sep 16, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-45459
was published
Sep 16, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-44062
was published
Sep 16, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-45460
was published
Sep 16, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-44053
was published
Sep 16, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-44057
was published
Sep 16, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-44060
was published
Sep 16, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-44054
was published
Sep 16, 2024
A vulnerability, which was classified as problematic, was found in aimhubio aim up to 3.24....
Moderate
Unreviewed
CVE-2024-8863
was published
Sep 16, 2024
A vulnerability was found in AutoCMS 5.4. It has been classified as problematic. This affects an...
Moderate
Unreviewed
CVE-2024-8866
was published
Sep 16, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-44063
was published
Sep 16, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-44058
was published
Sep 16, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-44056
was published
Sep 16, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-44059
was published
Sep 16, 2024
A vulnerability was found in Perfex CRM 3.1.6. It has been declared as problematic. This...
Moderate
Unreviewed
CVE-2024-8867
was published
Sep 16, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-45456
was published
Sep 16, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-45457
was published
Sep 16, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-45458
was published
Sep 16, 2024
ProTip!
Advisories are also available from the
GraphQL API