Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,331
Erlang
31
GitHub Actions
21
Go
2,093
Maven
5,000+
npm
3,756
NuGet
678
pip
3,443
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

27,807 advisories

Loading
Homarr before v0.14.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability... Moderate Unreviewed
CVE-2023-45908 was published Jan 21, 2025
OrangeScrum v2.0.11 is vulnerable to Cross Site Scripting (XSS). An attacker can inject malicious... Moderate Unreviewed
CVE-2024-48392 was published Jan 21, 2025
Northern.tech CFEngine Enterprise Mission Portal 3.24.0, 3.21.5, and below allows XSS. The fixed... Moderate Unreviewed
CVE-2024-55958 was published Jan 21, 2025
In JetBrains TeamCity before 2024.12.1 reflected XSS was possible on the Vault Connection page Moderate Unreviewed
CVE-2025-24459 was published Jan 21, 2025
SpagoBI v3.5.1 contains multiple Stored Cross-Site Scripting (XSS) vulnerabilities in the create... Moderate Unreviewed
CVE-2024-54795 was published Jan 21, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-22267 was published Jan 21, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-22276 was published Jan 21, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-22661 was published Jan 21, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-23454 was published Jan 21, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-23461 was published Jan 21, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-23489 was published Jan 21, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-23580 was published Jan 21, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-23551 was published Jan 21, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-23994 was published Jan 21, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2024-49700 was published Jan 21, 2025
PHPGurukul Hospital Management System 4.0 is vulnerable to Cross Site Scripting (XSS) in /edit... Moderate Unreviewed
CVE-2024-56998 was published Jan 21, 2025
PHPGurukul Hospital Management System 4.0 is vulnerable to Cross Site Scripting (XSS) in /doctor... Moderate Unreviewed
CVE-2024-56997 was published Jan 21, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-22262 was published Jan 21, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-22322 was published Jan 21, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-22709 was published Jan 21, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-22719 was published Jan 21, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-22711 was published Jan 21, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-22706 was published Jan 21, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-22718 was published Jan 21, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-22727 was published Jan 21, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database