Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,731
Maven
5,000+
npm
4,332
NuGet
763
pip
4,109
Pub
12
RubyGems
960
Rust
1,068
Swift
45
Unreviewed advisories
All unreviewed
5,000+

33,550 advisories

Loading
A weakness has been identified in Bdtask/CodeCanyon Isshue Multi Store eCommerce Shopping Cart... Moderate Unreviewed
CVE-2025-13186 was published Nov 15, 2025
Directus is Vulnerable to Stored Cross-site Scripting Moderate
CVE-2025-64747 was published for directus (npm) Nov 14, 2025
Cl0wnK1n9
Credited to Cl0wnK1n9
A vulnerability was identified in pojoin h3blog 1.0. The impacted element is an unknown function... Moderate Unreviewed
CVE-2025-13182 was published Nov 14, 2025
A vulnerability was determined in pojoin h3blog 1.0. The affected element is an unknown function... Moderate Unreviewed
CVE-2025-13181 was published Nov 14, 2025
PHPGurukul Student Record System 3.20 is vulnerable to Cross Site Scripting (XSS) via adminname... Moderate Unreviewed
CVE-2024-44635 was published Nov 14, 2025
Cross Site Scripting vulnerability in Alto CMS v.1.1.13 allows a local attacker to execute... Moderate Unreviewed
CVE-2024-42749 was published Nov 14, 2025
Stored Cross Site Scripting (XSS) vulnerability in Smart School 7.0 due to lack of proper... Moderate Unreviewed
CVE-2025-41107 was published Nov 10, 2025
Inappropriate implementation in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote... Moderate Unreviewed
CVE-2025-13097 was published Nov 14, 2025
A vulnerability in the web-based management interface of Cisco Catalyst Center could allow an... Moderate Unreviewed
CVE-2025-20353 was published Nov 13, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-64380 was published Nov 13, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-64383 was published Nov 13, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-64264 was published Nov 13, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-64275 was published Nov 13, 2025
A stored cross-site scripting (XSS) vulnerability exists in pH7Software pH7-Social-Dating-CMS 17... Moderate Unreviewed
CVE-2025-63645 was published Nov 13, 2025
Cross-site Scripting (XSS) vulnerability reflected in xCally's Omnichannel v3.30.1. This... Moderate Unreviewed
CVE-2025-40681 was published Nov 13, 2025
Cross-site scripting in Zoom Workplace for Windows before version 6.5.10 may allow an... Moderate Unreviewed
CVE-2025-62482 was published Nov 13, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-62044 was published Nov 6, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-62030 was published Nov 6, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-62051 was published Nov 6, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-49905 was published Nov 6, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-64354 was published Oct 31, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-52764 was published Nov 6, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-53245 was published Nov 6, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-53239 was published Nov 6, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-53286 was published Nov 6, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database