GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,726
Maven: 5,000+
npm: 4,331
NuGet: 763
pip: 4,107
Pub: 12
RubyGems: 960
Rust: 1,068
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
30,409 advisories

IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3...
Moderate | Unreviewed | CVE-2025-12635 was published Dec 9, 2025

A stored cross-site scripting (XSS) vulnerability exists in the web interface of Lyrion Music...
Moderate | Unreviewed | CVE-2025-65229 was published Dec 8, 2025

A weakness has been identified in Yealink SIP-T21P E2 52.84.0.15. Impacted is an unknown function...
Moderate | Unreviewed | CVE-2025-14228 was published Dec 8, 2025

A flaw has been found in GreenCMS 2.3.0603. Affected by this issue is some unknown functionality...
Moderate | Unreviewed | CVE-2025-14244 was published Dec 8, 2025

A vulnerability was detected in SourceCodester Online Banking System 1.0. This impacts an unknown...
Moderate | Unreviewed | CVE-2025-14221 was published Dec 8, 2025

A vulnerability was found in code-projects Chamber of Commerce Membership Management System 1.0....
Moderate | Unreviewed | CVE-2025-14205 was published Dec 8, 2025

A vulnerability was found in alokjaiswal Hotel-Management-services-using-MYSQL-and-php up to...
Moderate | Unreviewed | CVE-2025-14201 was published Dec 7, 2025

A vulnerability has been found in alokjaiswal Hotel-Management-services-using-MYSQL-and-php up to...
Moderate | Unreviewed | CVE-2025-14200 was published Dec 7, 2025

A vulnerability was identified in code-projects Employee Profile Management System 1.0. This...
Moderate | Unreviewed | CVE-2025-14194 was published Dec 7, 2025

The TR Timthumb plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcode...
Moderate | Unreviewed | CVE-2025-13899 was published Dec 6, 2025

The RevInsite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `token`...
Moderate | Unreviewed | CVE-2025-13863 was published Dec 6, 2025

The Social Feed Gallery Portfolio plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate | Unreviewed | CVE-2025-13896 was published Dec 6, 2025

The CSV Sumotto plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the `...
Moderate | Unreviewed | CVE-2025-13894 was published Dec 6, 2025

The Ultra Skype Button plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ...
Moderate | Unreviewed | CVE-2025-13898 was published Dec 6, 2025

The CSS3 Buttons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin...
Moderate | Unreviewed | CVE-2025-13907 was published Dec 6, 2025

The Extra Post Images plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ...
Moderate | Unreviewed | CVE-2025-13856 was published Dec 6, 2025

The Yet Another WebClap for WordPress plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate | Unreviewed | CVE-2025-13857 was published Dec 6, 2025

The Live Sales Notification for Woocommerce – Woomotiv plugin for WordPress is vulnerable to...
Moderate | Unreviewed | CVE-2025-13137 was published Dec 6, 2025

The Application Passwords plugin for WordPress is vulnerable to Reflected Cross-Site Scripting...
Moderate | Unreviewed | CVE-2025-13308 was published Dec 6, 2025

The Cute News Ticker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ...
Moderate | Unreviewed | CVE-2025-13656 was published Dec 6, 2025

The List Attachments Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting...
Moderate | Unreviewed | CVE-2025-12717 was published Dec 6, 2025

The Canadian Nutrition Facts Label plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate | Unreviewed | CVE-2025-12715 was published Dec 6, 2025

The myLCO plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the `$_SERVER[...
Moderate | Unreviewed | CVE-2025-13626 was published Dec 6, 2025

The Link Whisper Free plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via...
Moderate | Unreviewed | CVE-2025-11263 was published Dec 6, 2025

Advantech WISE-DeviceOn Server versions prior to 5.4 contain a stored cross-site scripting (XSS)...
Moderate | Unreviewed | CVE-2025-34262 was published Dec 5, 2025

ProTip! Advisories are also available from the GraphQL API.