Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,698
Maven
5,000+
npm
4,325
NuGet
761
pip
4,099
Pub
12
RubyGems
958
Rust
1,063
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

2,582 advisories

Loading
The Kadence WooCommerce Email Designer plugin for WordPress is vulnerable to Stored Cross-Site... High Unreviewed
CVE-2025-13387 was published Dec 2, 2025
A cross-site scripting (XSS) vulnerability exists in the Blood Bank Management System 1.0 within... High Unreviewed
CVE-2025-63533 was published Dec 1, 2025
A cross-site scripting (XSS) vulnerability exists in the Blood Bank Management System 1.0 within... High Unreviewed
CVE-2025-63534 was published Dec 1, 2025
A cross-site scripting (XSS) vulnerability exists in the Blood Bank Management System within the... High Unreviewed
CVE-2025-63526 was published Dec 1, 2025
A cross-site scripting (XSS) vulnerability exists in the Blood Bank Management System 1.0 within... High Unreviewed
CVE-2025-63527 was published Dec 1, 2025
A cross-site scripting (XSS) vulnerability exists in the Blood Bank Management System 1.0 within... High Unreviewed
CVE-2025-63528 was published Dec 1, 2025
An issue was discovered in Logpoint before 7.7.0. Insufficient input validation and a lack of... High Unreviewed
CVE-2025-66359 was published Nov 28, 2025
The Unlimited Elements For Elementor plugin for WordPress is vulnerable to Stored Cross-Site... High Unreviewed
CVE-2025-13692 was published Nov 27, 2025
Webform Multiple File Upload module for Drupal 7.x contains a cross-site scripting (XSS)... High Unreviewed
CVE-2025-12848 was published Nov 26, 2025
Stored Cross-Site Scripting via XML Injection in DB Electronica Telecomunicazioni S.p.A. Mozart... High Unreviewed
CVE-2025-66258 was published Nov 26, 2025
The Telegram Bot & Channel plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... High Unreviewed
CVE-2025-13068 was published Nov 25, 2025
A stored Cross-site Scripting (XSS) vulnerability affecting Requirements in ENOVIA Product... High Unreviewed
CVE-2025-10554 was published Nov 24, 2025
A stored Cross-site Scripting (XSS) vulnerability affecting Service Items Management in DELMIA... High Unreviewed
CVE-2025-10555 was published Nov 24, 2025
An attacker with viewer permissions in Looker could craft a malicious URL that, when opened by a... High Unreviewed
CVE-2025-12739 was published Nov 24, 2025
The Simple User Registration plugin for WordPress is vulnerable to Stored Cross-Site Scripting... High Unreviewed
CVE-2025-12160 was published Nov 21, 2025
The Flo Forms – Easy Drag & Drop Form Builder plugin for WordPress is vulnerable to Stored Cross... High Unreviewed
CVE-2025-13159 was published Nov 21, 2025
The WPBookit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'css_code'... High Unreviewed
CVE-2025-12135 was published Nov 21, 2025
Microsoft Defender Portal Spoofing Vulnerability High Unreviewed
CVE-2025-62459 was published Nov 21, 2025
Improper input neutralization in the stats-conversions.php script in Revive Adserver 5.5.2 and 6... High Unreviewed
CVE-2025-52668 was published Nov 20, 2025
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed
CVE-2025-0643 was published Nov 20, 2025
The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to... High Unreviewed
CVE-2025-13206 was published Nov 19, 2025
The Giveaways and Contests by RafflePress – Get More Website Traffic, Email Subscribers, and... High Unreviewed
CVE-2025-12484 was published Nov 19, 2025
The Checkout Files Upload for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site... High Unreviewed
CVE-2025-4212 was published Nov 18, 2025
The SNORDIAN's H5PxAPIkatchu plugin for WordPress is vulnerable to Stored Cross-Site Scripting... High Unreviewed
CVE-2025-12904 was published Nov 14, 2025
The Easy Email Subscription plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... High Unreviewed
CVE-2025-11994 was published Nov 12, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database