Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,749
Erlang
35
GitHub Actions
29
Go
2,321
Maven
5,000+
npm
3,955
NuGet
712
pip
3,738
Pub
12
RubyGems
921
Rust
972
Swift
38
Unreviewed advisories
All unreviewed
5,000+

280,958 advisories

Loading
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-49301 was published Jun 6, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-49304 was published Jun 6, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-49315 was published Jun 6, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-49299 was published Jun 6, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-49311 was published Jun 6, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-49323 was published Jun 6, 2025
Missing Authorization vulnerability in Soft8Soft LLC Verge3D allows Exploiting Incorrectly... Moderate Unreviewed
CVE-2025-49268 was published Jun 6, 2025
Improper Control of Generation of Code ('Code Injection') vulnerability in cmoreira Team Showcase... Moderate Unreviewed
CVE-2025-49250 was published Jun 6, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Bill Minozzi WP Tools allows Cross Site... Moderate Unreviewed
CVE-2025-49273 was published Jun 6, 2025
Missing Authorization vulnerability in WebToffee Product Feed for WooCommerce allows Exploiting... Moderate Unreviewed
CVE-2025-49287 was published Jun 6, 2025
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed
CVE-2025-49307 was published Jun 6, 2025
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed
CVE-2025-49308 was published Jun 6, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-49298 was published Jun 6, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-49328 was published Jun 6, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in Agile Logix Store Locator... Moderate Unreviewed
CVE-2025-49329 was published Jun 6, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Adrian Hanft Konami Easter Egg allows Stored... High Unreviewed
CVE-2025-49425 was published Jun 6, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-49327 was published Jun 6, 2025
Missing Authorization vulnerability in WP Map Plugins Interactive Regional Map of Florida allows... Moderate Unreviewed
CVE-2025-49441 was published Jun 6, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-49333 was published Jun 6, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-49326 was published Jun 6, 2025
Cross-Site Request Forgery (CSRF) vulnerability in mariusz88atelierweb Atelier Create CV allows... Moderate Unreviewed
CVE-2025-49439 was published Jun 6, 2025
Cross-Site Request Forgery (CSRF) vulnerability in WP Map Plugins Interactive Regional Map of... Moderate Unreviewed
CVE-2025-49449 was published Jun 6, 2025
A flaw was found in the user's crate for Rust. This vulnerability allows privilege escalation via... High Unreviewed
CVE-2025-5791 was published Jun 6, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-49443 was published Jun 6, 2025
Cross-Site Request Forgery (CSRF) vulnerability in WP Map Plugins Interactive UK Regional Map... Moderate Unreviewed
CVE-2025-49445 was published Jun 6, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database