GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
30,210 advisories
CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Moderate | Unreviewed | CVE-2025-55059 was published Nov 17, 2025
kashipara School Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via the...
Moderate | Unreviewed | CVE-2024-46334 was published Nov 17, 2025
kashipara School Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via ...
Moderate | Unreviewed | CVE-2024-46336 was published Nov 17, 2025
PHPGurukul Small CRM 3.0 is vulnerable to Cross Site Scripting (XSS) via the aremark parameter in...
Moderate | Unreviewed | CVE-2024-44647 was published Nov 17, 2025
OpenRapid RapidCMS 1.3.1 is vulnerable to Cross Site Scripting (XSS) in /system/update-run.php.
Moderate | Unreviewed | CVE-2025-64046 was published Nov 17, 2025
Cross-Site Scripting (XSS) vulnerability exists in SourceCodester AI Font Matcher (nid=18425,...
Moderate | Unreviewed | CVE-2025-63708 was published Nov 17, 2025
A vulnerability has been identified in Mendix RichText (All versions >= V4.0.0 < V4.6.1)....
Moderate | Unreviewed | CVE-2025-40834 was published Nov 17, 2025
A vulnerability was identified in code-projects Student Information System 2.0. The impacted...
Moderate | Unreviewed | CVE-2025-13245 was published Nov 16, 2025
A vulnerability was determined in code-projects Student Information System 2.0. The affected...
Moderate | Unreviewed | CVE-2025-13244 was published Nov 16, 2025
A flaw has been found in projectsend up to r1720. Impacted is an unknown function of the...
Moderate | Unreviewed | CVE-2025-13232 was published Nov 16, 2025
A security flaw has been discovered in code-projects Simple Cafe Ordering System 1.0. This...
Moderate | Unreviewed | CVE-2025-13202 was published Nov 15, 2025
A weakness has been identified in Bdtask/CodeCanyon Isshue Multi Store eCommerce Shopping Cart...
Moderate | Unreviewed | CVE-2025-13186 was published Nov 15, 2025
A vulnerability was identified in pojoin h3blog 1.0. The impacted element is an unknown function...
Moderate | Unreviewed | CVE-2025-13182 was published Nov 14, 2025
A vulnerability was determined in pojoin h3blog 1.0. The affected element is an unknown function...
Moderate | Unreviewed | CVE-2025-13181 was published Nov 14, 2025
Reflected Cross-Site Scripting (XSS) vulnerability in SVX Portal 2.7A via the id parameter to...
Moderate | Unreviewed | CVE-2025-63725 was published Nov 14, 2025
CKFinder 1.4.3 is vulnerable to Cross Site Scripting (XSS) in the File Upload function. An...
Moderate | Unreviewed | CVE-2025-63830 was published Nov 14, 2025
PHPGurukul Student Record System 3.20 is vulnerable to Cross Site Scripting (XSS) via adminname...
Moderate | Unreviewed | CVE-2024-44635 was published Nov 14, 2025
Cross Site Scripting vulnerability in Alto CMS v.1.1.13 allows a local attacker to execute...
Moderate | Unreviewed | CVE-2024-42749 was published Nov 14, 2025
QuickCMS is vulnerable to multiple Stored XSS in language editor functionality (languages)....
Moderate | Unreviewed | CVE-2025-10018 was published Nov 14, 2025
Inappropriate implementation in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote...
Moderate | Unreviewed | CVE-2025-13097 was published Nov 14, 2025
A vulnerability in the web-based management interface of Cisco Catalyst Center could allow an...
Moderate | Unreviewed | CVE-2025-20353 was published Nov 13, 2025
Cross-site scripting in Zoom Workplace for Windows before version 6.5.10 may allow an...
Moderate | Unreviewed | CVE-2025-62482 was published Nov 13, 2025
Cross-site Scripting (XSS) vulnerability reflected in xCally's Omnichannel v3.30.1. This...
Moderate | Unreviewed | CVE-2025-40681 was published Nov 13, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate | Unreviewed | CVE-2025-64264 was published Nov 13, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate | Unreviewed | CVE-2025-64275 was published Nov 13, 2025
ProTip! Advisories are also available from the GraphQL API.