Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,894
Erlang
38
GitHub Actions
38
Go
2,558
Maven
5,000+
npm
4,232
NuGet
751
pip
4,001
Pub
12
RubyGems
953
Rust
1,042
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

232 advisories

Loading
Adobe Connect versions 12.9 and earlier are affected by a DOM-based Cross-Site Scripting (XSS)... Critical Unreviewed
CVE-2025-49553 was published Oct 15, 2025
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Critical Unreviewed
CVE-2025-59974 was published Oct 9, 2025
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Critical Unreviewed
CVE-2025-59978 was published Oct 9, 2025
A cross-site scripting (XSS) vulnerability in the component /app/marketplace.html of Logseq v0.10... Critical Unreviewed
CVE-2025-56683 was published Oct 9, 2025
Scholl Communications AG Weblication CMS Core v019.004.000.000 was discovered to contain a cross... Critical Unreviewed
CVE-2025-52161 was published Sep 8, 2025
An Cross-Site Scripting (XSS) vulnerability in DeepSeek R1 through V3.1 allows a remote attacker... Critical Unreviewed
CVE-2025-26210 was published Sep 3, 2025
Coolify versions prior to v4.0.0-beta.420.6 are vulnerable to a stored cross-site scripting (XSS)... Critical Unreviewed
CVE-2025-34157 was published Aug 27, 2025
Prism Central versions prior to 2024.3.1 are vulnerable to a stored cross-site scripting attack... Critical Unreviewed
CVE-2024-12223 was published Aug 20, 2025
Unisite CMS version 5.0 contains a stored Cross-Site Scripting (XSS) vulnerability in the "Report... Critical Unreviewed
CVE-2025-50754 was published Aug 4, 2025
MapTiler Tileserver-php v2.0 is vulnerable to Cross Site Scripting (XSS). The GET parameter ... Critical Unreviewed
CVE-2025-44136 was published Jul 29, 2025
A stored XSS vulnerability in No Boss Testimonials component 1.0.0-3.0.0 and 4.0.0-4.0.2 for... Critical Unreviewed
CVE-2025-54299 was published Jul 28, 2025
A stored XSS vulnerability in CommentBox component 1.0.0-1.1.0 for Joomla was discovered. Critical Unreviewed
CVE-2025-54298 was published Jul 28, 2025
Cross Site Scripting vulnerability in grav v.1.7.48 and before allows an attacker to execute... Critical Unreviewed
CVE-2025-46199 was published Jul 25, 2025
A cross-site scripting (xss) vulnerability exists in the videosList page parameter functionality... Critical Unreviewed
CVE-2025-53084 was published Jul 24, 2025
A cross-site scripting (xss) vulnerability exists in the managerPlaylists PlaylistOwnerUsersId... Critical Unreviewed
CVE-2025-46410 was published Jul 24, 2025
A cross-site scripting (xss) vulnerability exists in the videoNotFound 404ErrorMsg parameter... Critical Unreviewed
CVE-2025-50128 was published Jul 24, 2025
A cross-site scripting (xss) vulnerability exists in the userLogin cancelUri parameter... Critical Unreviewed
CVE-2025-41420 was published Jul 24, 2025
A reflected cross-site scripting (XSS) vulnerability was discovered in index.php on Luxcal 4.5.2... Critical Unreviewed
CVE-2020-26799 was published Jul 21, 2025
lunary-ai/lunary versions prior to 1.9.24 are vulnerable to stored cross-site scripting (XSS). An... Critical Unreviewed
CVE-2025-4779 was published Jul 7, 2025
User-controlled inputs are improperly escaped in: * VotePage.php (poll option input) ... Critical Unreviewed
CVE-2025-53484 was published Jul 4, 2025
Whale browser for iOS before 3.9.1.4206 allow an attacker to execute malicious scripts in the... Critical Unreviewed
CVE-2025-53599 was published Jul 4, 2025
A Cross-Site Scripting (XSS) vulnerability has been identified in Psono-Client’s handling of... Critical Unreviewed
CVE-2025-1987 was published Jun 22, 2025
Cross Site Scripting (XSS) vulnerability in MailEnable before v10 allows a remote attacker to... Critical Unreviewed
CVE-2025-44148 was published Jun 3, 2025
Improper Input validation leads to XSS or Cross-site Scripting vulnerability in OpenText Advance... Critical Unreviewed
CVE-2024-10865 was published May 14, 2025
Adobe Connect versions 12.8 and earlier are affected by a reflected Cross-Site Scripting (XSS)... Critical Unreviewed
CVE-2025-43567 was published May 13, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database