GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,749
Composer 4,747
Erlang 35
GitHub Actions 29
Go 2,321
Maven 5,604
npm 3,955
NuGet 712
pip 3,736
Pub 12
RubyGems 921
Rust 972
Swift 38

Unreviewed advisories

All unreviewed 257,897

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

27,495 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The Music Player for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed

CVE-2025-5340 was published Jun 3, 2025

The Popup Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2025-4205 was published Jun 3, 2025

The Profile Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2025-4671 was published Jun 3, 2025

The Vayu Blocks – Gutenberg Blocks for WordPress & WooCommerce plugin for WordPress is vulnerable... Moderate Unreviewed

CVE-2025-4420 was published Jun 3, 2025

The WP Plugin Info Card plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2025-5116 was published Jun 3, 2025

The Newsletter WordPress plugin before 8.8.2 does not sanitise and escape some of its... Moderate Unreviewed

CVE-2025-3584 was published Jun 3, 2025

The FancyBox for WordPress plugin before 3.3.6 does not escape captions and titles attributes... Moderate Unreviewed

CVE-2025-3662 was published Jun 3, 2025

The Post Slider and Post Carousel with Post Vertical Scrolling Widget WordPress plugin before 3... Moderate Unreviewed

CVE-2025-4567 was published Jun 3, 2025

The WordPress Comments Import & Export plugin for WordPress is vulnerable to unauthorized... Moderate Unreviewed

CVE-2025-3919 was published Jun 3, 2025

osTicket prior to v1.17.6 and v1.18.2 are vulnerable to Broken Access Control Vulnerability in ... Moderate Unreviewed

CVE-2025-45387 was published Jun 2, 2025

In Splunk Enterprise versions below 9.4.2, 9.3.4 and 9.2.6, and Splunk Cloud Platform versions... Moderate Unreviewed

CVE-2025-20297 was published Jun 2, 2025

A stored cross-site scripting (XSS) vulnerability exists in the Management Console of multiple... Moderate Unreviewed

CVE-2024-3509 was published Jun 2, 2025

A vulnerability has been found in Cotonti Siena v0.9.25. Affected by this vulnerability is the... Moderate Unreviewed

CVE-2025-44115 was published Jun 2, 2025

A Cross Site Scripting (XSS) vulnerability in Sitecom WLX-2006 Wall Mount Range Extender N300 v1... Moderate Unreviewed

CVE-2024-40114 was published Jun 2, 2025

A vulnerability was found in Mist Community Edition up to 4.7.1. It has been rated as problematic... Moderate Unreviewed

CVE-2025-5411 was published Jun 2, 2025

A vulnerability classified as problematic has been found in Mist Community Edition up to 4.7.1.... Moderate Unreviewed

CVE-2025-5412 was published Jun 2, 2025

A vulnerability classified as problematic was found in juzaweb CMS up to 3.4.2. Affected by this... Moderate Unreviewed

CVE-2025-5420 was published Jun 2, 2025

A vulnerability has been found in chaitak-gorai Blogbook up to... Moderate Unreviewed

CVE-2025-5407 was published Jun 1, 2025

A vulnerability, which was classified as problematic, has been found in chaitak-gorai Blogbook up... Moderate Unreviewed

CVE-2025-5405 was published Jun 1, 2025

IBM Planning Analytics Local 2.0 and 2.1 is vulnerable to cross-site scripting. This... Moderate Unreviewed

CVE-2025-2896 was published Jun 1, 2025

IBM Planning Analytics Local 2.0 and 2.1 is vulnerable to cross-site scripting. This... Moderate Unreviewed

CVE-2025-25044 was published Jun 1, 2025

A vulnerability was found in Yifang CMS up to 2.0.2 and classified as problematic. Affected by... Moderate Unreviewed

CVE-2025-5383 was published May 31, 2025

A vulnerability was found in Astun Technology iShare Maps 5.4.0. It has been rated as problematic... Moderate Unreviewed

CVE-2025-5377 was published May 31, 2025

A vulnerability classified as problematic has been found in Astun Technology iShare Maps 5.4.0.... Moderate Unreviewed

CVE-2025-5378 was published May 31, 2025

The Product Subtitle for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2025-5285 was published May 31, 2025

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

27,495 advisories