GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,733
Composer 4,238
Erlang 31
GitHub Actions 21
Go 2,005
Maven 5,193
npm 3,716
NuGet 661
pip 3,388
Pub 11
RubyGems 885
Rust 851
Swift 36

Unreviewed advisories

All unreviewed 235,724

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

126 advisories

Filter by severity

Sort by

Least recently updated

A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC)... Moderate Unreviewed

CVE-2022-20740 was published May 4, 2022

A vulnerability in the web-based interface of Cisco Webex Teams could allow an authenticated... Moderate Unreviewed

CVE-2020-26067 was published Nov 18, 2024

A vulnerability, which was classified as problematic, was found in playSMS 1.4.3. Affected is an... Moderate Unreviewed

CVE-2024-6251 was published Jun 22, 2024

The Mapster WP Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2024-10592 was published Nov 16, 2024

A vulnerability in the web-based interface of Cisco Webex Meetings could allow an... Moderate Unreviewed

CVE-2022-20654 was published Nov 15, 2024

The WP-Strava plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin... Moderate Unreviewed

CVE-2024-10038 was published Nov 13, 2024

The Simple Shortcode for Google Maps plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2024-10621 was published Nov 8, 2024

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in... Moderate Unreviewed

CVE-2024-9147 was published Nov 4, 2024

A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure... Moderate Unreviewed

CVE-2024-20504 was published Nov 6, 2024

A vulnerability in the VPN web client services feature of Cisco Adaptive Security Appliance (ASA)... Moderate Unreviewed

CVE-2024-20341 was published Oct 23, 2024

A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone... Moderate Unreviewed

CVE-2024-20460 was published Oct 16, 2024

The SEUR Oficial plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2024-9438 was published Oct 29, 2024

An issue was discovered on Supermicro X11SSM-F, X11SAE-F, and X11SSE-F 1.66 devices. An attacker... High Unreviewed

CVE-2023-40290 was published Mar 27, 2024

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in... High Unreviewed

CVE-2024-44061 was published Oct 20, 2024

A vulnerability in the VPN web client services feature of Cisco Adaptive Security Appliance (ASA)... Moderate Unreviewed

CVE-2024-20382 was published Oct 23, 2024

A stored cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IQ... Moderate Unreviewed

CVE-2024-47139 was published Oct 16, 2024

There is an HTML injection vulnerability in Esri Portal for ArcGIS versions 11.0 and below that... Moderate Unreviewed

CVE-2024-38039 was published Oct 4, 2024

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in TE... High Unreviewed

CVE-2024-2010 was published Sep 12, 2024

The Store Hours for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site... Moderate Unreviewed

CVE-2024-8872 was published Sep 26, 2024

The Broken Link Checker plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due... High Unreviewed

CVE-2024-8981 was published Oct 1, 2024

Improper input validation in Zoom SDK’s before 5.14.10 may allow an unauthenticated user to... High Unreviewed

CVE-2023-39217 was published Aug 8, 2023

Improper input validation in Zoom Desktop Client for Windows before 5.14.7 may allow an... Critical Unreviewed

CVE-2023-39216 was published Aug 8, 2023

The Responsive video plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2024-7629 was published Aug 21, 2024

The MC4WP: Mailchimp for WordPress plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2024-8680 was published Sep 21, 2024

A vulnerability, which was classified as problematic, has been found in ClassCMS 4.8. Affected by... Moderate Unreviewed

CVE-2024-8145 was published Aug 25, 2024

Previous 1 2 3 4 5 6 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

126 advisories