Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,749
Erlang
35
GitHub Actions
29
Go
2,321
Maven
5,000+
npm
3,955
NuGet
712
pip
3,738
Pub
12
RubyGems
921
Rust
972
Swift
38
Unreviewed advisories
All unreviewed
5,000+

1,530 advisories

Loading
Leantime allows Cross-Site Scripting (XSS) Low
GHSA-f679-254h-qhvj was published for leantime/leantime (Composer) Feb 21, 2025
justWalsdi
The Ajax Search Lite WordPress plugin before 4.12.5 does not sanitise and escape some of its... Low Unreviewed
CVE-2024-13585 was published Feb 21, 2025
The Carousel, Slider, Gallery by WP Carousel WordPress plugin before 2.7.4 does not sanitise and... Low Unreviewed
CVE-2024-13314 was published Feb 21, 2025
Keycloak allows cross-site scripting (XSS) Low
CVE-2024-4028 was published for org.keycloak:keycloak-core (Maven) Feb 18, 2025
The Everest Forms WordPress plugin before 3.0.8.1 does not sanitise and escape some of its... Low Unreviewed
CVE-2024-13125 was published Feb 13, 2025
The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile &... Low Unreviewed
CVE-2024-13121 was published Feb 13, 2025
The Simple Video Management System WordPress plugin through 1.0.4 does not sanitise and escape... Low Unreviewed
CVE-2025-0692 was published Feb 13, 2025
Multiple Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Low Unreviewed
CVE-2024-27780 was published Feb 11, 2025
In affected versions of Octopus Server error messages were handled unsafely on the error page. If... Low Unreviewed
CVE-2025-0513 was published Feb 11, 2025
DevDojo Voyager vulnerable to reflected Cross-site Scripting Low
CVE-2024-55416 was published for tcg/voyager (Composer) Jan 30, 2025
Dolibarr Cross-site Scripting vulnerability Low
CVE-2024-55228 was published for dolibarr/dolibarr (Composer) Jan 27, 2025
Dolibarr Cross-site Scripting vulnerability Low
CVE-2024-55227 was published for dolibarr/dolibarr (Composer) Jan 27, 2025
The Crelly Slider WordPress plugin before 1.4.7 does not sanitise and escape some of its settings... Low Unreviewed
CVE-2024-13116 was published Jan 27, 2025
Reflected Cross Site Scripting (XSS) in error message Low
GHSA-74j9-xhqr-6qv3 was published for silverstripe/framework (Composer) Jan 23, 2025
Silverstripe Framework has a Reflected Cross Site Scripting (XSS) in error message Low
GHSA-mqf3-qpc3-g26q was published for silverstripe/framework (Composer) Jan 14, 2025
An improper neutralization of script-related html tags in a web page (basic xss) in Fortinet... Low Unreviewed
CVE-2024-52967 was published Jan 14, 2025
A vulnerability has been identified in Industrial Edge Management OS (IEM-OS) (All versions).... Low Unreviewed
CVE-2024-45385 was published Jan 14, 2025
Vaultwarden authenticated reflected cross-site scripting (XSS) vulnerability Low
CVE-2024-55226 was published for vaultwarden (Rust) Jan 9, 2025
Vaultwarden HTML injection vulnerability Low
CVE-2024-55224 was published for vaultwarden (Rust) Jan 9, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Low Unreviewed
CVE-2024-13308 was published Jan 9, 2025
The Form Maker by 10Web WordPress plugin before 1.15.31 does not sanitise and escape some of its... Low Unreviewed
CVE-2024-10562 was published Jan 7, 2025
The Photo Gallery, Images, Slider in Rbs Image Gallery WordPress plugin before 3.2.22 does not... Low Unreviewed
CVE-2024-10102 was published Jan 7, 2025
Grav Cross-site Scripting vulnerability Low
CVE-2024-35498 was published for getgrav/grav (Composer) Jan 6, 2025
REDAXO CMS Cross-site Scripting vulnerability Low
CVE-2024-46209 was published for redaxo/source (Composer) Jan 6, 2025
Stored cross-site scripting (XSS) vulnerability due to missing origin validation in postMessage.... Low Unreviewed
CVE-2024-55541 was published Jan 2, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database