GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,912
Composer 5,067
Erlang 39
GitHub Actions 38
Go 2,717
Maven 6,143
npm 4,328
NuGet 761
pip 4,105
Pub 12
RubyGems 958
Rust 1,065
Swift 45

Unreviewed advisories

All unreviewed 278,903

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

2,584 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

A cross-site scripting (XSS) vulnerability has been reported to affect several QNAP operating... High Unreviewed

CVE-2025-22483 was published Aug 29, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed

CVE-2024-25599 was published Mar 28, 2024

Webform Multiple File Upload module for Drupal 7.x contains a cross-site scripting (XSS)... High Unreviewed

CVE-2025-12848 was published Nov 26, 2025

The Cool Tag Cloud plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... High Unreviewed

CVE-2025-13614 was published Dec 5, 2025

The Omnichannel for WooCommerce: Google, Amazon, eBay & Walmart Integration – Powered by Codisto... High Unreviewed

CVE-2025-11727 was published Dec 4, 2025

Cross-Site Scripting (XSS) vulnerability in Checkmk's distributed monitoring allows a compromised... High Unreviewed

CVE-2025-39663 was published Oct 30, 2025

Stored Cross-Site Scripting via XML Injection in DB Electronica Telecomunicazioni S.p.A. Mozart... High Unreviewed

CVE-2025-66258 was published Nov 26, 2025

The Kadence WooCommerce Email Designer plugin for WordPress is vulnerable to Stored Cross-Site... High Unreviewed

CVE-2025-13387 was published Dec 2, 2025

A cross-site scripting (XSS) vulnerability exists in the Blood Bank Management System 1.0 within... High Unreviewed

CVE-2025-63533 was published Dec 1, 2025

A cross-site scripting (XSS) vulnerability exists in the Blood Bank Management System within the... High Unreviewed

CVE-2025-63526 was published Dec 1, 2025

A cross-site scripting (XSS) vulnerability exists in the Blood Bank Management System 1.0 within... High Unreviewed

CVE-2025-63527 was published Dec 1, 2025

A cross-site scripting (XSS) vulnerability exists in the Blood Bank Management System 1.0 within... High Unreviewed

CVE-2025-63528 was published Dec 1, 2025

A cross-site scripting (XSS) vulnerability exists in the Blood Bank Management System 1.0 within... High Unreviewed

CVE-2025-63534 was published Dec 1, 2025

An issue was discovered in Logpoint before 7.7.0. Insufficient input validation and a lack of... High Unreviewed

CVE-2025-66359 was published Nov 28, 2025

The Unlimited Elements For Elementor plugin for WordPress is vulnerable to Stored Cross-Site... High Unreviewed

CVE-2025-13692 was published Nov 27, 2025

The Telegram Bot & Channel plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... High Unreviewed

CVE-2025-13068 was published Nov 25, 2025

A stored Cross-site Scripting (XSS) vulnerability affecting Requirements in ENOVIA Product... High Unreviewed

CVE-2025-10554 was published Nov 24, 2025

A stored Cross-site Scripting (XSS) vulnerability affecting Service Items Management in DELMIA... High Unreviewed

CVE-2025-10555 was published Nov 24, 2025

An attacker with viewer permissions in Looker could craft a malicious URL that, when opened by a... High Unreviewed

CVE-2025-12739 was published Nov 24, 2025

The Simple User Registration plugin for WordPress is vulnerable to Stored Cross-Site Scripting... High Unreviewed

CVE-2025-12160 was published Nov 21, 2025

The Flo Forms – Easy Drag & Drop Form Builder plugin for WordPress is vulnerable to Stored Cross... High Unreviewed

CVE-2025-13159 was published Nov 21, 2025

The WPBookit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'css_code'... High Unreviewed

CVE-2025-12135 was published Nov 21, 2025

Microsoft Defender Portal Spoofing Vulnerability High Unreviewed

CVE-2025-62459 was published Nov 21, 2025

Improper input neutralization in the stats-conversions.php script in Revive Adserver 5.5.2 and 6... High Unreviewed

CVE-2025-52668 was published Nov 20, 2025

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed

CVE-2025-0643 was published Nov 20, 2025

Previous1…104 Next

Previous 1 2 3 4 5 … 103 104 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

2,584 advisories