Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,331
Erlang
31
GitHub Actions
21
Go
2,093
Maven
5,000+
npm
3,756
NuGet
678
pip
3,443
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

27,807 advisories

Loading
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-22735 was published Jan 21, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-22732 was published Jan 21, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-22733 was published Jan 21, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-22825 was published Jan 21, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-23997 was published Jan 21, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-23998 was published Jan 21, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2024-49700 was published Jan 21, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2024-49300 was published Jan 21, 2025
The FireCask Like & Share Button plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2024-11226 was published Jan 21, 2025
The Betheme plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's... Moderate Unreviewed
CVE-2025-0450 was published Jan 21, 2025
The Link Library plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ... Moderate Unreviewed
CVE-2024-13404 was published Jan 21, 2025
The JetElements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several... Moderate Unreviewed
CVE-2025-0371 was published Jan 21, 2025
A vulnerability classified as problematic has been found in CampCodes School Management Software... Moderate Unreviewed
CVE-2025-0581 was published Jan 20, 2025
The a+HRD from aEnrich Technology has a Reflected Cross-site Scripting vulnerability, allowing... Moderate Unreviewed
CVE-2025-0583 was published Jan 20, 2025
A vulnerability was found in Facile Sistemas Cloud Apps up to 20250107. It has been classified as... Moderate Unreviewed
CVE-2025-0578 was published Jan 20, 2025
A vulnerability was found in Mobotix M15 4.3.4.83 and classified as problematic. This issue... Moderate Unreviewed
CVE-2025-0576 was published Jan 20, 2025
The Import any XML or CSV File to WordPress PRO plugin for WordPress is vulnerable to Stored... Moderate Unreviewed
CVE-2024-8722 was published Jan 19, 2025
A vulnerability, which was classified as problematic, was found in CampCodes School Management... Moderate Unreviewed
CVE-2025-0560 was published Jan 18, 2025
A vulnerability, which was classified as problematic, has been found in Campcodes School... Moderate Unreviewed
CVE-2025-0559 was published Jan 18, 2025
A vulnerability classified as problematic has been found in Hyland Alfresco Community Edition and... Moderate Unreviewed
CVE-2025-0557 was published Jan 18, 2025
The Rate Star Review Vote – AJAX Reviews, Votes, Star Ratings plugin for WordPress is vulnerable... Moderate Unreviewed
CVE-2024-13392 was published Jan 18, 2025
The MicroPayments – Fans Paysite: Paid Creator Subscriptions, Digital Assets, Tokens Wallet... Moderate Unreviewed
CVE-2024-13391 was published Jan 18, 2025
The Easy Digital Downloads – eCommerce Payments and Subscriptions made easy plugin for WordPress... Moderate Unreviewed
CVE-2024-13517 was published Jan 18, 2025
The JSM Screenshot Machine Shortcode plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2024-13385 was published Jan 18, 2025
The MarketKing — Ultimate WooCommerce Multivendor Marketplace Solution plugin for WordPress is... Moderate Unreviewed
CVE-2024-13519 was published Jan 18, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database