Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,796
Erlang
29
GitHub Actions
16
Go
1,713
Maven
4,948
npm
3,477
NuGet
605
pip
3,006
Pub
10
RubyGems
829
Rust
774
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

218,595 advisories

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-34793 was published Jun 3, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-34795 was published Jun 3, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed
CVE-2024-35631 was published Jun 3, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-34791 was published Jun 3, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-34797 was published Jun 3, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2024-35630 was published Jun 3, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed
CVE-2024-34794 was published Jun 3, 2024
Insertion of Sensitive Information into Log File vulnerability in Lukman Nakib Debug Log – Manger... Moderate Unreviewed
CVE-2024-34798 was published Jun 3, 2024
Missing Authorization vulnerability in Fastly.This issue affects Fastly: from n/a through 1.2.25. Moderate Unreviewed
CVE-2024-34803 was published Jun 3, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-34764 was published Jun 3, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-34790 was published Jun 3, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-34801 was published Jun 3, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-34767 was published Jun 3, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-34385 was published Jun 3, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-34789 was published Jun 3, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-34766 was published Jun 3, 2024
Cross-Site Request Forgery (CSRF) vulnerability in CRM Perks. Integration for Contact Form 7 and... Moderate Unreviewed
CVE-2024-35632 was published Jun 3, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-34769 was published Jun 3, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-34770 was published Jun 3, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2024-34796 was published Jun 3, 2024
Memory corruption when IPC callback handle is used after it has been released during register... Moderate Unreviewed
CVE-2023-43544 was published Jun 3, 2024
Information disclosure while handling T2LM Action Frame in WLAN Host. Moderate Unreviewed
CVE-2023-43537 was published Jun 3, 2024
Information disclosure in Video while parsing mp2 clip with invalid section length. High Unreviewed
CVE-2023-43555 was published Jun 3, 2024
Memory corruption while creating a LPAC client as LPAC engine was allowed to access GPU registers. High Unreviewed
CVE-2024-23360 was published Jun 3, 2024
Memory corruption when more scan frequency list or channels are sent from the user space. Moderate Unreviewed
CVE-2023-43545 was published Jun 3, 2024
ProTip! Advisories are also available from the GraphQL API