Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,746
Erlang
35
GitHub Actions
29
Go
2,319
Maven
5,000+
npm
3,955
NuGet
712
pip
3,736
Pub
12
RubyGems
920
Rust
972
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

31,227 advisories

Loading
VMware NSX contains a stored Cross-Site Scripting (XSS) vulnerability in the gateway firewall due... Moderate Unreviewed
CVE-2025-22244 was published Jun 4, 2025
VMware NSX Manager UI is vulnerable to a stored Cross-Site Scripting (XSS) attack due to improper... High Unreviewed
CVE-2025-22243 was published Jun 4, 2025
VMware NSX contains a stored Cross-Site Scripting (XSS) vulnerability in the router port due to... Moderate Unreviewed
CVE-2025-22245 was published Jun 4, 2025
A vulnerability in the web-based management interface of Cisco Unified Intelligent Contact... Moderate Unreviewed
CVE-2025-20273 was published Jun 4, 2025
A vulnerability in the web-based management interface of Cisco Unified CCX could allow an... Moderate Unreviewed
CVE-2025-20279 was published Jun 4, 2025
Cross Site Scripting vulnerability in Motivian Content Mangment System v.41.0.0 allows a remote... Moderate Unreviewed
CVE-2025-29094 was published Jun 4, 2025
A vulnerability was found in PHPGurukul Hospital Management System 4.0. It has been classified as... Moderate Unreviewed
CVE-2025-5584 was published Jun 4, 2025
A reflected XSS vulnerability in RSform!Pro component 3.0.0 - 3.3.13 for Joomla was discovered.... Moderate Unreviewed
CVE-2025-27444 was published Jun 4, 2025
The Simple Contact Form Plugin for WordPress – WP Easy Contact plugin for WordPress is vulnerable... Moderate Unreviewed
CVE-2025-5539 was published Jun 4, 2025
The Employee Directory – Staff Listing & Team Directory Plugin for WordPress plugin for WordPress... Moderate Unreviewed
CVE-2025-5531 was published Jun 4, 2025
The Campus Directory – Faculty, Staff & Student Directory Plugin for WordPress plugin for... Moderate Unreviewed
CVE-2025-5532 was published Jun 4, 2025
A vulnerability was found in TOTOLINK X2000R 1.0.0-B20230726.1108. It has been classified as... Moderate Unreviewed
CVE-2025-5542 was published Jun 4, 2025
A vulnerability was found in TOTOLINK X2000R 1.0.0-B20230726.1108. It has been declared as... Moderate Unreviewed
CVE-2025-5543 was published Jun 4, 2025
A vulnerability classified as problematic has been found in enilu web-flash 1.0. This affects the... Moderate Unreviewed
CVE-2025-5523 was published Jun 3, 2025
A vulnerability, which was classified as problematic, was found in TOTOLINK X2000R 1.0.0... Moderate Unreviewed
CVE-2025-5516 was published Jun 3, 2025
Cross Site Scripting (XSS) vulnerability in MailEnable before v10 allows a remote attacker to... Critical Unreviewed
CVE-2025-44148 was published Jun 3, 2025
A vulnerability has been found in quequnlong shiyi-blog up to 1.2.1 and classified as problematic... Moderate Unreviewed
CVE-2025-5513 was published Jun 3, 2025
A vulnerability was found in TOTOLINK A3002RU 2.1.1-B20230720.1011. It has been declared as... Moderate Unreviewed
CVE-2025-5507 was published Jun 3, 2025
A vulnerability was found in TOTOLINK A3002RU 2.1.1-B20230720.1011. It has been rated as... Moderate Unreviewed
CVE-2025-5508 was published Jun 3, 2025
A vulnerability was found in TOTOLINK A3002RU 2.1.1-B20230720.1011. It has been classified as... Moderate Unreviewed
CVE-2025-5506 was published Jun 3, 2025
A vulnerability was found in TOTOLINK A3002RU 2.1.1-B20230720.1011 and classified as problematic.... Moderate Unreviewed
CVE-2025-5505 was published Jun 3, 2025
Cross Site Scripting vulnerability was discovered in Unicom Focal Point 7.6.1. The val parameter... Moderate Unreviewed
CVE-2025-43924 was published Jun 3, 2025
The Music Player for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed
CVE-2025-5340 was published Jun 3, 2025
The Popup Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed
CVE-2025-4205 was published Jun 3, 2025
The Shared Files – Frontend File Upload Form & Secure File Sharing plugin for WordPress is... High Unreviewed
CVE-2025-4392 was published Jun 3, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database