GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,902
Maven
5,000+
npm
3,631
NuGet
638
pip
3,246
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
104,503 advisories
Filter by severity
Cross Site Scripting vulnerability in num parameter in eyoucms v.1.6.5 allows a remote attacker...
Moderate
Unreviewed
CVE-2024-23032
was published
Feb 2, 2024
Cross Site Scripting (XSS) vulnerability in is_water parameter in eyoucms v.1.6.5 allows a remote...
Moderate
Unreviewed
CVE-2024-23031
was published
Feb 2, 2024
Cross Site Scripting (XSS) vulnerability in the func parameter in eyoucms v.1.6.5 allows a remote...
Moderate
Unreviewed
CVE-2024-22927
was published
Feb 2, 2024
Cross Site Scripting vulnerability in the path parameter in eyoucms v.1.6.5 allows a remote...
Moderate
Unreviewed
CVE-2024-23033
was published
Feb 2, 2024
Gessler GmbH WEB-MASTER user account is stored using a weak hashing algorithm. The attacker...
Moderate
Unreviewed
CVE-2024-1040
was published
Feb 2, 2024
ConnectWise ScreenConnect through 23.8.4 allows local users to connect to arbitrary relay servers...
Moderate
Unreviewed
CVE-2023-47256
was published
Feb 2, 2024
A stored cross-site scripting (XSS) vulnerability in Travel Journal Using PHP and MySQL with...
Moderate
Unreviewed
CVE-2024-24945
was published
Feb 1, 2024
A stored cross-site scripting (XSS) vulnerability in Travel Journal Using PHP and MySQL with...
Moderate
Unreviewed
CVE-2024-24041
was published
Feb 1, 2024
When SEW-EURODRIVE MOVITOOLS MotionStudio processes XML information unrestricted file access can...
Moderate
Unreviewed
CVE-2024-1167
was published
Feb 1, 2024
An insertion of Sensitive Information into Log File vulnerability is affecting DELMIA Apriso...
Moderate
Unreviewed
CVE-2024-0935
was published
Feb 1, 2024
springboot-manager v1.6 is vulnerable to Cross Site Scripting (XSS) via /sys/role.
Moderate
Unreviewed
CVE-2024-24062
was published
Feb 1, 2024
springboot-manager v1.6 is vulnerable to Cross Site Scripting (XSS) via /sys/user.
Moderate
Unreviewed
CVE-2024-24060
was published
Feb 1, 2024
springboot-manager v1.6 is vulnerable to Arbitrary File Upload. The system does not filter the...
Moderate
Unreviewed
CVE-2024-24059
was published
Feb 1, 2024
springboot-manager v1.6 is vulnerable to Cross Site Scripting (XSS) via /sysContent/add.
Moderate
Unreviewed
CVE-2024-24061
was published
Feb 1, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate
Unreviewed
CVE-2023-51514
was published
Feb 1, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate
Unreviewed
CVE-2023-52118
was published
Feb 1, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate
Unreviewed
CVE-2023-51685
was published
Feb 1, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate
Unreviewed
CVE-2023-51694
was published
Feb 1, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate
Unreviewed
CVE-2023-51506
was published
Feb 1, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate
Unreviewed
CVE-2023-51693
was published
Feb 1, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate
Unreviewed
CVE-2023-51695
was published
Feb 1, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate
Unreviewed
CVE-2023-51684
was published
Feb 1, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate
Unreviewed
CVE-2023-51689
was published
Feb 1, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate
Unreviewed
CVE-2023-51691
was published
Feb 1, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate
Unreviewed
CVE-2023-51690
was published
Feb 1, 2024
ProTip!
Advisories are also available from the
GraphQL API