Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,298
Erlang
31
GitHub Actions
21
Go
2,063
Maven
5,000+
npm
3,744
NuGet
668
pip
3,424
Pub
12
RubyGems
892
Rust
876
Swift
36
Unreviewed advisories
All unreviewed
5,000+

30,383 advisories

Loading
The edit profile function of Grocy through 4.3.0 allows stored XSS and resultant privilege... High Unreviewed
CVE-2024-55074 was published Jan 6, 2025
REDAXO CMS Cross-site Scripting vulnerability Low
CVE-2024-46209 was published for redaxo/source (Composer) Jan 6, 2025
Grav Cross-site Scripting vulnerability Low
CVE-2024-35498 was published for getgrav/grav (Composer) Jan 6, 2025
A reflected Cross-Site Scripting (XSS) vulnerability exists in the login page of IceHRM v32.4.0... Moderate Unreviewed
CVE-2024-46073 was published Jan 6, 2025
Cross-Site Scripting (XSS) vulnerability in Pnetlab 5.3.11 allows an attacker to inject malicious... Moderate Unreviewed
CVE-2024-51111 was published Jan 6, 2025
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.2... Moderate Unreviewed
CVE-2024-31913 was published Jan 6, 2025
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.2... Moderate Unreviewed
CVE-2024-31914 was published Jan 6, 2025
Extension:TabberNeue vulnerable to Cross-site Scripting High
CVE-2025-21612 was published for starcitizentools/tabber-neue (Composer) Jan 6, 2025
BlankEclair
A vulnerability was found in ZeroWdd studentmanager 1.0. It has been declared as problematic.... Moderate Unreviewed
CVE-2024-13142 was published Jan 6, 2025
A vulnerability was found in ZeroWdd studentmanager 1.0. It has been rated as problematic. This... Moderate Unreviewed
CVE-2024-13143 was published Jan 6, 2025
A vulnerability has been found in code-projects Local Storage Todo App 1.0 and classified as... Moderate Unreviewed
CVE-2025-0228 was published Jan 5, 2025
A vulnerability classified as problematic was found in osuuu LightPicture up to 1.2.2. This... Moderate Unreviewed
CVE-2024-13141 was published Jan 5, 2025
A vulnerability, which was classified as problematic, was found in Trimble SPS851 488.01. This... Moderate Unreviewed
CVE-2025-0220 was published Jan 5, 2025
A vulnerability was found in wangl1989 mysiteforme 1.0. It has been classified as problematic.... Moderate Unreviewed
CVE-2024-13137 was published Jan 5, 2025
A vulnerability classified as problematic has been found in Emlog Pro up to 2.4.3. Affected is an... Moderate Unreviewed
CVE-2024-13140 was published Jan 5, 2025
A vulnerability has been found in Emlog Pro 2.4.3 and classified as problematic. Affected by this... Moderate Unreviewed
CVE-2024-13135 was published Jan 5, 2025
A vulnerability classified as problematic was found in Emlog Pro up to 2.4.3. This vulnerability... Moderate Unreviewed
CVE-2024-13132 was published Jan 5, 2025
A vulnerability, which was classified as problematic, has been found in Trimble SPS851 488.01.... Moderate Unreviewed
CVE-2025-0219 was published Jan 5, 2025
The Turnkey bbPress by WeaverTheme plugin for WordPress is vulnerable to Reflected Cross-Site... Moderate Unreviewed
CVE-2024-12221 was published Jan 4, 2025
The WP Multi Store Locator plugin for WordPress is vulnerable to Stored Cross-Site Scripting in... Moderate Unreviewed
CVE-2024-12475 was published Jan 4, 2025
The Media Library Assistant plugin for WordPress is vulnerable to Reflected Cross-Site Scripting... Moderate Unreviewed
CVE-2024-11974 was published Jan 4, 2025
The Taskbuilder – WordPress Project & Task Management plugin plugin for WordPress is vulnerable... Moderate Unreviewed
CVE-2024-11930 was published Jan 4, 2025
The WP Compress – Instant Performance & Speed Optimization plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-12047 was published Jan 4, 2025
The WP Smart Import : Import any XML File to WordPress plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-12701 was published Jan 4, 2025
An issue was discovered in Optimizely EPiServer.CMS.Core before 12.22.0. A high-severity Stored... Moderate Unreviewed
CVE-2025-22388 was published Jan 4, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database