GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,395
Composer 4,950
Erlang 39
GitHub Actions 38
Go 2,603
Maven 6,053
npm 4,250
NuGet 755
pip 4,013
Pub 12
RubyGems 953
Rust 1,048
Swift 45

Unreviewed advisories

All unreviewed 274,948

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

32,928 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

A security vulnerability has been detected in projectworlds Expense Management System 1.0.... Moderate Unreviewed

CVE-2025-12231 was published Oct 27, 2025

A vulnerability was identified in projectworlds Expense Management System 1.0. The impacted... Moderate Unreviewed

CVE-2025-12228 was published Oct 27, 2025

A weakness has been identified in projectworlds Expense Management System 1.0. This impacts an... Moderate Unreviewed

CVE-2025-12230 was published Oct 27, 2025

A vulnerability was determined in projectworlds Gate Pass Management System 1.0. The affected... Moderate Unreviewed

CVE-2025-12227 was published Oct 27, 2025

A security flaw has been discovered in projectworlds Expense Management System 1.0. This affects... Moderate Unreviewed

CVE-2025-12229 was published Oct 27, 2025

A flaw has been found in Iqbolshoh php-business-website up to... Moderate Unreviewed

CVE-2025-12224 was published Oct 27, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-48088 was published Oct 27, 2025

The The7 — Website and eCommerce Builder for WordPress theme for WordPress is vulnerable to... Moderate Unreviewed

CVE-2025-11897 was published Oct 25, 2025

The Fast Velocity Minify plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed

CVE-2025-12034 was published Oct 25, 2025

The SpendeOnline.org plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2025-11875 was published Oct 25, 2025

The Widget Options – The #1 WordPress Widget & Block Control Plugin plugin for WordPress is... Moderate Unreviewed

CVE-2025-10580 was published Oct 25, 2025

The Testimonial Carousel For Elementor plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2025-8666 was published Oct 25, 2025

The Listeo theme for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ... Moderate Unreviewed

CVE-2025-8413 was published Oct 25, 2025

The Gutenberg Blocks – PublishPress Blocks plugin for WordPress is vulnerable to Stored Cross... Moderate Unreviewed

CVE-2025-8588 was published Oct 25, 2025

The Open Source Genesis Framework theme for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2025-10737 was published Oct 25, 2025

A vulnerability Bypass of the script allowlist configuration in HCL AION. An incorrectly... Moderate Unreviewed

CVE-2025-52624 was published Oct 10, 2025

Emoncms 11.7.3 is vulnerable to Cross Site in the input handling mechanism. This vulnerability... Moderate Unreviewed

CVE-2025-60936 was published Oct 24, 2025

ThingsBoard versions < 4.2.1 contain a stored cross-site scripting (XSS) vulnerability in the... Moderate Unreviewed

CVE-2025-34281 was published Oct 17, 2025

SSRF and Reflected XSS Vulnerabilities exist in multiple WSO2 products within the deprecated Try... Moderate Unreviewed

CVE-2025-5350 was published Oct 24, 2025

The Time Clock – A WordPress Employee & Volunteer Time Clock Plugin for WordPress is vulnerable... Moderate Unreviewed

CVE-2025-10701 was published Oct 24, 2025

The Simple Excel Pricelist for WooCommerce plugin for WordPress is vulnerable to Stored Cross... Moderate Unreviewed

CVE-2025-12096 was published Oct 24, 2025

The qnotsquiz plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2025-12016 was published Oct 24, 2025

The VNPAY Payment gateway plugin for WordPress is vulnerable to Reflected Cross-Site Scripting... Moderate Unreviewed

CVE-2025-12017 was published Oct 24, 2025

The Request Tracker software is vulnerable to a Stored XSS vulnerability in calendar invitation... Moderate Unreviewed

CVE-2025-9158 was published Oct 24, 2025

Pleasanter contains a stored cross-site scripting vulnerability in Preview for Attachments, which... Moderate Unreviewed

CVE-2025-58070 was published Oct 24, 2025

Previous1…400 Next

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

32,928 advisories