GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,825
Erlang
29
GitHub Actions
16
Go
1,715
Maven
4,950
npm
3,479
NuGet
605
pip
3,009
Pub
10
RubyGems
832
Rust
776
Swift
34
Unreviewed advisories
All unreviewed
5,000+
26,005 advisories
Filter by severity
ActionText ContentAttachment can Contain Unsanitized HTML
Moderate
CVE-2024-32464
was published
for
actiontext
(RubyGems)
Jun 4, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-34759
was published
Jun 4, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-35651
was published
Jun 4, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-35782
was published
Jun 4, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-35653
was published
Jun 4, 2024
The SolarWinds Platform was determined to be affected by a stored cross-site scripting...
High
Unreviewed
CVE-2024-29004
was published
Jun 4, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-35649
was published
Jun 4, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-35652
was published
Jun 4, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-35655
was published
Jun 4, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-35666
was published
Jun 4, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-35668
was published
Jun 4, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-35654
was published
Jun 4, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-35664
was published
Jun 4, 2024
Cross-Site Scripting (XSS) in TYPO3 component CSS styled content
Moderate
GHSA-8j9v-4hhh-x43c
was published
for
typo3/cms
(Composer)
Jun 4, 2024
A cross-site scripting (XSS) vulnerability in versions 3.7.0 or newer of Ydata's ydata-profiling...
High
Unreviewed
CVE-2024-37063
was published
Jun 4, 2024
Missing input validation in the SEH Computertechnik utnserver Pro, SEH Computertechnik utnserver...
Unknown
Unreviewed
CVE-2024-5420
was published
Jun 4, 2024
Reflected Cross-Site Scripting (XSS) in Dolibarr
Moderate
CVE-2024-34051
was published
for
dolibarr/dolibarr
(Composer)
Jun 3, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-34793
was published
Jun 3, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-34795
was published
Jun 3, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-35631
was published
Jun 3, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-34791
was published
Jun 3, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-34797
was published
Jun 3, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
High
Unreviewed
CVE-2024-34794
was published
Jun 3, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-34764
was published
Jun 3, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-34790
was published
Jun 3, 2024
ProTip!
Advisories are also available from the
GraphQL API