GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,972
Erlang: 29
GitHub Actions: 16
Go: 1,762
Maven: 4,983
npm: 3,518
NuGet: 609
pip: 3,094
Pub: 10
RubyGems: 833
Rust: 782
Swift: 34
Unreviewed advisories
All unreviewed: 5,000+
221,728 advisories
Cross-site Scripting (XSS) - Stored in GitHub repository stitionai/devika prior to -.
High
Unreviewed
CVE-2024-5711 was published Jul 8, 2024
A vulnerability classified as problematic has been found in heyewei SpringBootCMS up to 2024-05...
Moderate
Unreviewed
CVE-2024-6539 was published Jul 8, 2024
A stored cross-site scripting (XSS) vulnerability exists in the 'Upload Knowledge' feature of...
Moderate
Unreviewed
CVE-2024-6229 was published Jul 7, 2024
EGroupware before 23.1.20240624 mishandles an ORDER BY clause.
Unknown
Unreviewed
CVE-2024-40614 was published Jul 7, 2024
An issue was discovered in the ArticleRatings extension for MediaWiki through 1.42.1. Special...
Unknown
Unreviewed
CVE-2024-40603 was published Jul 7, 2024
An issue was discovered in the Tempo skin for MediaWiki through 1.42.1. There is stored XSS via...
Unknown
Unreviewed
CVE-2024-40602 was published Jul 7, 2024
An issue was discovered in the MediaWikiChat extension for MediaWiki through 1.42.1. CSRF can...
Unknown
Unreviewed
CVE-2024-40601 was published Jul 7, 2024
An issue was discovered in the Nimbus skin for MediaWiki through 1.42.1. There is Stored XSS via...
Unknown
Unreviewed
CVE-2024-40604 was published Jul 7, 2024
An issue was discovered in the Metrolook skin for MediaWiki through 1.42.1. There is stored XSS...
Unknown
Unreviewed
CVE-2024-40600 was published Jul 7, 2024
An issue was discovered in the Foreground skin for MediaWiki through 1.42.1. There is stored XSS...
Unknown
Unreviewed
CVE-2024-40605 was published Jul 7, 2024
An issue was discovered in the CheckUser extension for MediaWiki through 1.42.1. The Special...
Unknown
Unreviewed
CVE-2024-40596 was published Jul 7, 2024
An issue was discovered in the GuMaxDD skin for MediaWiki through 1.42.1. There is stored XSS via...
Unknown
Unreviewed
CVE-2024-40599 was published Jul 7, 2024
An issue was discovered in the CheckUser extension for MediaWiki through 1.42.1. The API can...
Unknown
Unreviewed
CVE-2024-40598 was published Jul 7, 2024
An issue was discovered in the CheckUser extension for MediaWiki through 1.42.1. It can expose...
Unknown
Unreviewed
CVE-2024-40597 was published Jul 7, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-37554 was published Jul 6, 2024
A vulnerability in the /models/apply endpoint of mudler/localai versions 2.15.0 allows for Server...
Moderate
Unreviewed
CVE-2024-6095 was published Jul 6, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-37553 was published Jul 6, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
Moderate
Unreviewed
CVE-2024-37547 was published Jul 6, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-37546 was published Jul 6, 2024
Missing Authorization vulnerability in WpDevArt Responsive Image Gallery, Gallery Album. This...
Moderate
Unreviewed
CVE-2024-37542 was published Jul 6, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-37541 was published Jul 6, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-37539 was published Jul 6, 2024
In the Linux kernel, the following vulnerability has been resolved: drm/drm_file: Fix pid...
Unknown
Unreviewed
CVE-2024-39486 was published Jul 6, 2024
Server-Side Request Forgery (SSRF) vulnerability in Robert Macchi WP Scraper. This issue affects...
Moderate
Unreviewed
CVE-2024-37208 was published Jul 6, 2024
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Kodezen Limited Academy LMS...
Low
Unreviewed
CVE-2024-37234 was published Jul 6, 2024
ProTip! Advisories are also available from the GraphQL API.