GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,690
Maven: 5,000+
npm: 4,320
NuGet: 760
pip: 4,096
Pub: 12
RubyGems: 958
Rust: 1,063
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
34,512 advisories
The CSSIgniter Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...
Moderate · Unreviewed · CVE-2025-13448 was published Dec 3, 2025

Sourcecodester Student Grades Management System v1.0 is vulnerable to Cross Site Scripting (XSS)...
Moderate · Unreviewed · CVE-2025-64070 was published Dec 2, 2025

Grav CMS 1.7.49 is vulnerable to Cross Site Scripting (XSS). The page editor allows authenticated...
Moderate · Unreviewed · CVE-2025-65186 was published Dec 2, 2025

Sourcecodester Zoo Management System v1.0 is vulnerable to Cross Site Scripting (XSS) in /classes...
Moderate · Unreviewed · CVE-2025-65881 was published Dec 2, 2025

Sourcecodester Web-based Pharmacy Product Management System v1.0 is vulnerable to Cross Site...
Moderate · Unreviewed · CVE-2025-65215 was published Dec 2, 2025

DeepSeek V3.2 has a Cross Site Scripting (XSS) vulnerability, which allows JavaScript execution...
Moderate · Unreviewed · CVE-2025-63872 was published Dec 2, 2025

A Stored Cross Site Scripting vulnerability exists in CiviCRM before v6.7 in the Accounting...
Moderate · Unreviewed · CVE-2025-65187 was published Dec 2, 2025

Reflected Cross-Site Scripting (XSS) in IDI Eikon's Governalia. The vulnerability allows an...
Moderate · Unreviewed · CVE-2025-40700 was published Dec 2, 2025

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting'),...
Moderate · Unreviewed · CVE-2025-13505 was published Dec 2, 2025

The Nexter Extension – Site Enhancements Toolkit plugin for WordPress is vulnerable to Stored...
Moderate · Unreviewed · CVE-2025-13731 was published Dec 2, 2025

Stored Cross-Site Scripting (XSS) in the survey-import feature of ObjectPlanet Opinio 7.26...
Moderate · Unreviewed · CVE-2025-13873 was published Dec 2, 2025

The WP Social Ninja – Embed Social Feeds, Customer Reviews, Chat Widgets plugin for WordPress is...
Moderate · Unreviewed · CVE-2025-13007 was published Dec 2, 2025

The Kadence WooCommerce Email Designer plugin for WordPress is vulnerable to Stored Cross-Site...
High · Unreviewed · CVE-2025-13387 was published Dec 2, 2025

The BlockArt Blocks – Gutenberg Blocks, Page Builder Blocks ,WordPress Block Plugin, Sections &...
Moderate · Unreviewed · CVE-2025-13697 was published Dec 2, 2025

Todoist v8896 is vulnerable to Cross Site Scripting (XSS) in /api/v1/uploads. Uploaded SVG files...
Moderate · Unreviewed · CVE-2025-63317 was published Dec 1, 2025

A cross-site scripting (XSS) vulnerability exists in the Blood Bank Management System 1.0 within...
High · Unreviewed · CVE-2025-63534 was published Dec 1, 2025

A cross-site scripting (XSS) vulnerability exists in the Blood Bank Management System 1.0 within...
High · Unreviewed · CVE-2025-63533 was published Dec 1, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate · Unreviewed · CVE-2025-13835 was published Dec 1, 2025

Eximbills Enterprise 4.1.5 (Built on 2020-10-30) is vulnerable to authenticated stored cross-site...
Moderate · Unreviewed · CVE-2025-64030 was published Dec 1, 2025

A cross-site scripting (XSS) vulnerability exists in the Blood Bank Management System within the...
High · Unreviewed · CVE-2025-63526 was published Dec 1, 2025

A cross-site scripting (XSS) vulnerability exists in the Blood Bank Management System 1.0 within...
High · Unreviewed · CVE-2025-63528 was published Dec 1, 2025

A cross-site scripting (XSS) vulnerability exists in the Blood Bank Management System 1.0 within...
High · Unreviewed · CVE-2025-63527 was published Dec 1, 2025

Reflected Cross-site Scripting (XSS) vulnerability in Sanoma's Clickedu. This vulnerability...
Moderate · Unreviewed · CVE-2025-41070 was published Dec 1, 2025

A vulnerability was determined in jairiidriss RestaurantWebsite up to...
Moderate · Unreviewed · CVE-2025-13802 was published Dec 1, 2025

A weakness has been identified in codingWithElias School Management System up to...
Moderate · Unreviewed · CVE-2025-13795 was published Dec 1, 2025
ProTip! Advisories are also available from the GraphQL API.