Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,902
Maven
5,000+
npm
3,631
NuGet
638
pip
3,246
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

104,503 advisories

Loading
Cross Site Scripting vulnerability in num parameter in eyoucms v.1.6.5 allows a remote attacker... Moderate Unreviewed
CVE-2024-23032 was published Feb 2, 2024
Cross Site Scripting (XSS) vulnerability in is_water parameter in eyoucms v.1.6.5 allows a remote... Moderate Unreviewed
CVE-2024-23031 was published Feb 2, 2024
Cross Site Scripting (XSS) vulnerability in the func parameter in eyoucms v.1.6.5 allows a remote... Moderate Unreviewed
CVE-2024-22927 was published Feb 2, 2024
Cross Site Scripting vulnerability in the path parameter in eyoucms v.1.6.5 allows a remote... Moderate Unreviewed
CVE-2024-23033 was published Feb 2, 2024
Gessler GmbH WEB-MASTER user account is stored using a weak hashing algorithm. The attacker... Moderate Unreviewed
CVE-2024-1040 was published Feb 2, 2024
ConnectWise ScreenConnect through 23.8.4 allows local users to connect to arbitrary relay servers... Moderate Unreviewed
CVE-2023-47256 was published Feb 2, 2024
A stored cross-site scripting (XSS) vulnerability in Travel Journal Using PHP and MySQL with... Moderate Unreviewed
CVE-2024-24945 was published Feb 1, 2024
A stored cross-site scripting (XSS) vulnerability in Travel Journal Using PHP and MySQL with... Moderate Unreviewed
CVE-2024-24041 was published Feb 1, 2024
When SEW-EURODRIVE MOVITOOLS MotionStudio processes XML information unrestricted file access can... Moderate Unreviewed
CVE-2024-1167 was published Feb 1, 2024
An insertion of Sensitive Information into Log File vulnerability is affecting DELMIA Apriso... Moderate Unreviewed
CVE-2024-0935 was published Feb 1, 2024
springboot-manager v1.6 is vulnerable to Cross Site Scripting (XSS) via /sys/role. Moderate Unreviewed
CVE-2024-24062 was published Feb 1, 2024
springboot-manager v1.6 is vulnerable to Cross Site Scripting (XSS) via /sys/user. Moderate Unreviewed
CVE-2024-24060 was published Feb 1, 2024
springboot-manager v1.6 is vulnerable to Arbitrary File Upload. The system does not filter the... Moderate Unreviewed
CVE-2024-24059 was published Feb 1, 2024
springboot-manager v1.6 is vulnerable to Cross Site Scripting (XSS) via /sysContent/add. Moderate Unreviewed
CVE-2024-24061 was published Feb 1, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2023-51514 was published Feb 1, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2023-52118 was published Feb 1, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2023-51685 was published Feb 1, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2023-51694 was published Feb 1, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2023-51506 was published Feb 1, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2023-51693 was published Feb 1, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2023-51695 was published Feb 1, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2023-51684 was published Feb 1, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2023-51689 was published Feb 1, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2023-51691 was published Feb 1, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2023-51690 was published Feb 1, 2024
ProTip! Advisories are also available from the GraphQL API