GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,097
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,656
NuGet
638
pip
3,264
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
105,093 advisories
Filter by severity
There is a reflected XSS vulnerability in Esri Portal for ArcGIS versions 10.9.1, 10.8.1 and 10.7...
Moderate
Unreviewed
CVE-2024-38038
was published
Oct 4, 2024
There is an HTML injection vulnerability in Esri Portal for ArcGIS versions 11.0 and below that...
Moderate
Unreviewed
CVE-2024-38039
was published
Oct 4, 2024
There is a reflected XSS vulnerability in Esri Portal for ArcGIS versions 11.1 and 11.2 which may...
Moderate
Unreviewed
CVE-2024-8149
was published
Oct 4, 2024
There is an unvalidated redirect vulnerability in Esri Portal for ArcGIS 11.0 and 10.9.1 that may...
Moderate
Unreviewed
CVE-2024-38037
was published
Oct 4, 2024
There is an unvalidated redirect vulnerability in Esri Portal for ArcGIS 10.8.1 - 11.2 that may...
Moderate
Unreviewed
CVE-2024-8148
was published
Oct 4, 2024
There is a reflected XSS vulnerability in Esri Portal for ArcGIS versions 10.9.1, 10.8.1 and 10.7...
Moderate
Unreviewed
CVE-2024-38036
was published
Oct 4, 2024
There is a reflected XSS vulnerability in Esri Portal for ArcGIS versions 11.1, 10.9.1 and 10.8.1...
Moderate
Unreviewed
CVE-2024-25691
was published
Oct 4, 2024
There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise...
Moderate
Unreviewed
CVE-2024-25701
was published
Oct 4, 2024
There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise Sites...
Moderate
Unreviewed
CVE-2024-25702
was published
Oct 4, 2024
There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise...
Moderate
Unreviewed
CVE-2024-25694
was published
Oct 4, 2024
There is a reflected cross site scripting in Esri Portal for ArcGIS 11.1 and below on Windows and...
Moderate
Unreviewed
CVE-2024-25707
was published
Oct 4, 2024
Ada.cx's Sentry configuration allowed for blind server-side request forgeries (SSRF) through the...
Moderate
Unreviewed
CVE-2024-9410
was published
Oct 4, 2024
A vulnerability was found in Netadmin Software NetAdmin IAM up to 3.5 and classified as...
Moderate
Unreviewed
CVE-2024-9513
was published
Oct 4, 2024
An out-of-bounds write in the engine module in AVG/Avast Antivirus signature <24092400 released...
Moderate
Unreviewed
CVE-2024-9481
was published
Oct 4, 2024
A null-pointer-dereference in the signature verification module in AVG/Avast Antivirus signature ...
Moderate
Unreviewed
CVE-2024-9483
was published
Oct 4, 2024
The Checkout Field Editor (Checkout Manager) for WooCommerce plugin for WordPress is vulnerable...
Moderate
Unreviewed
CVE-2024-8499
was published
Oct 4, 2024
An null-pointer-derefrence in the engine module in AVG/Avast Antivirus signature <24092400...
Moderate
Unreviewed
CVE-2024-9484
was published
Oct 4, 2024
An out-of-bounds write in the engine module in AVG/Avast Antivirus signature <24092400 released...
Moderate
Unreviewed
CVE-2024-9482
was published
Oct 4, 2024
The Re:WP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads...
Moderate
Unreviewed
CVE-2024-9271
was published
Oct 4, 2024
The Easy Demo Importer – A Modern One-Click Demo Import Solution plugin for WordPress is...
Moderate
Unreviewed
CVE-2024-9071
was published
Oct 4, 2024
The WP Booking Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...
Moderate
Unreviewed
CVE-2024-9306
was published
Oct 4, 2024
The ShiftController Employee Shift Scheduling plugin for WordPress is vulnerable to Reflected...
Moderate
Unreviewed
CVE-2024-9435
was published
Oct 4, 2024
The Code Embed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's...
Moderate
Unreviewed
CVE-2024-8804
was published
Oct 4, 2024
The Memberful – Membership Plugin plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate
Unreviewed
CVE-2024-9242
was published
Oct 4, 2024
The Clio Grow plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use...
Moderate
Unreviewed
CVE-2024-8802
was published
Oct 4, 2024
ProTip!
Advisories are also available from the
GraphQL API