GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,165
Composer 4,890
Erlang 37
GitHub Actions 38
Go 2,547
Maven 6,011
npm 4,217
NuGet 745
pip 3,994
Pub 12
RubyGems 952
Rust 1,038
Swift 45

Unreviewed advisories

All unreviewed 272,930

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

29,627 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

code-projects Simple Online Hotel Reservation System 1.0 has a Cross Site Scripting (XSS)... Moderate Unreviewed

CVE-2025-60308 was published Oct 10, 2025

ReNgine thru 2.2.0 is vulnerable to a Stored Cross-Site Scripting (XSS) vulnerability in the... Moderate Unreviewed

CVE-2025-61319 was published Oct 10, 2025

Stored cross-site scripting (XSS) vulnerability on the Membership page in Account Settings in... Moderate Unreviewed

CVE-2025-62238 was published Oct 10, 2025

Cross-site scripting (XSS) vulnerability in workflow process builder in Liferay Portal 7.4.3.21... Moderate Unreviewed

CVE-2025-62239 was published Oct 10, 2025

Stored cross-site scripting (XSS) vulnerability in Commerce’s view order page in Liferay Portal 7... Moderate Unreviewed

CVE-2025-62237 was published Oct 10, 2025

The WP JobHunt plugin for WordPress, used by the JobCareer theme, is vulnerable to Stored Cross... Moderate Unreviewed

CVE-2025-7781 was published Oct 10, 2025

Reflected Cross-Site Scripting (XSS) in Xibo CMS v4.1.2 from Xibo Signage, due to a lack of... Moderate Unreviewed

CVE-2025-41089 was published Oct 10, 2025

Stored Cross-Site Scripting (XSS) in Xibo Signage's Xibo CMS v4.1.2, due to a lack of proper... Moderate Unreviewed

CVE-2025-41088 was published Oct 10, 2025

Stored Cross-Site Scripting (XSS) vulnerability in Energy CRM v2025 by Status Tracker Ltd,... Moderate Unreviewed

CVE-2025-40640 was published Oct 10, 2025

Versions of the package drupal-pattern-lab/unified-twig-extensions from 0.0.0 are vulnerable to... Moderate Unreviewed

CVE-2025-11570 was published Oct 10, 2025

ServiceNow has addressed a reflected cross-site scripting vulnerability that was identified in... Moderate Unreviewed

CVE-2025-11450 was published Oct 10, 2025

ServiceNow has addressed a reflected cross-site scripting vulnerability that was identified in... Moderate Unreviewed

CVE-2025-11449 was published Oct 10, 2025

Multiple cross-site scripting (XSS) vulnerabilities with Calendar events in Liferay Portal 7.4.3... Moderate Unreviewed

CVE-2025-62240 was published Oct 9, 2025

Newforma Info Exchange (NIX) provides a 'Send a File Transfer' feature that allows a remote,... Moderate Unreviewed

CVE-2025-35060 was published Oct 9, 2025

An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-59992 was published Oct 9, 2025

An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-59982 was published Oct 9, 2025

An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-59981 was published Oct 9, 2025

An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-59990 was published Oct 9, 2025

An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-59987 was published Oct 9, 2025

An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-59984 was published Oct 9, 2025

An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-60002 was published Oct 9, 2025

An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-59983 was published Oct 9, 2025

An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-59997 was published Oct 9, 2025

An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-59986 was published Oct 9, 2025

An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-60001 was published Oct 9, 2025

Previous1…400 Next

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

29,627 advisories