Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,466
Erlang
33
GitHub Actions
23
Go
2,166
Maven
5,000+
npm
3,829
NuGet
696
pip
3,507
Pub
12
RubyGems
909
Rust
904
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

153 advisories

Loading
The WordPress form builder plugin for contact forms, surveys and quizzes – Tripetto plugin for... High Unreviewed
CVE-2024-13497 was published Mar 15, 2025
IBM Security QRadar EDR 3.12 is vulnerable to HTML injection. A remote attacker could inject... Moderate Unreviewed
CVE-2023-35006 was published Jul 10, 2024
Using an AMP url with a canonical element, an attacker could have executed JavaScript from an... High Unreviewed
CVE-2024-26282 was published Feb 22, 2024
VMware Cloud Director Availability contains an HTML injection vulnerability. A malicious actor... Moderate Unreviewed
CVE-2024-22277 was published Jul 4, 2024
An issue was discovered in BMC Remedy Mid Tier 7.6.04. The web application allows stored HTML... Moderate Unreviewed
CVE-2024-34398 was published Mar 12, 2025
IBM OpenPages with Watson 8.3 and 9.0 IBM OpenPages is vulnerable to HTML injection, caused... Moderate Unreviewed
CVE-2024-49337 was published Feb 20, 2025
IBM Aspera Shares 1.9.0 through 1.10.0 PL6 is vulnerable to HTML injection. A remote attacker... Moderate Unreviewed
CVE-2024-38318 was published Feb 6, 2025
IBM Control Center 6.2.1 and 6.3.1 could allow a remote attacker to obtain sensitive... Moderate Unreviewed
CVE-2024-35112 was published Jan 25, 2025
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in... Moderate Unreviewed
CVE-2023-23735 was published Jun 4, 2024
It is possible to inject HTML code into the page content using the "content" field in the ... Low Unreviewed
CVE-2025-22274 was published Feb 28, 2025
The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution ... Moderate Unreviewed
CVE-2024-2868 was published Apr 4, 2024
The UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin... Moderate Unreviewed
CVE-2024-2423 was published Apr 9, 2024
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in... High Unreviewed
CVE-2025-24680 was published Jan 27, 2025
The Super Testimonials plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... High Unreviewed
CVE-2024-13704 was published Feb 18, 2025
PHPJabbers Car Park Booking System v3.0 is vulnerable to Multiple HTML Injection in the "name,... Moderate Unreviewed
CVE-2023-51308 was published Feb 20, 2025
Cross-Site Scripting (XSS) vulnerability in Roundcube Webmail 1.6.9 allows remote authenticated... Moderate Unreviewed
CVE-2024-57004 was published Feb 3, 2025
Dell Update Manager Plugin, version(s) 1.5.0 through 1.6.0, contain(s) an Improper Neutralization... Low Unreviewed
CVE-2025-22402 was published Feb 7, 2025
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in... Moderate Unreviewed
CVE-2023-47869 was published Dec 9, 2024
An improper neutralization of script-related html tags in a web page (basic xss) in Fortinet... Low Unreviewed
CVE-2024-52967 was published Jan 14, 2025
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in... Moderate Unreviewed
CVE-2024-23522 was published May 17, 2024
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in... Moderate Unreviewed
CVE-2025-24678 was published Jan 24, 2025
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in... Moderate Unreviewed
CVE-2025-24673 was published Jan 24, 2025
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in... Moderate Unreviewed
CVE-2025-23919 was published Jan 16, 2025
A cross-site scripting (xss) vulnerability exists in the login.cgi set_lang_CountryCode()... Critical Unreviewed
CVE-2024-39363 was published Jan 14, 2025
IBM Cognos Analytics 11.2.0 through 11.2.4 and 12.0.0 through 12.0.3 is vulnerable to HTML... Moderate Unreviewed
CVE-2024-41752 was published Dec 18, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database