GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,748
Erlang: 35
GitHub Actions: 29
Go: 2,321
Maven: 5,000+
npm: 3,955
NuGet: 712
pip: 3,736
Pub: 12
RubyGems: 921
Rust: 972
Swift: 38
Unreviewed advisories
All unreviewed: 5,000+
34,954 advisories
Cross-site scripting vulnerability exists in a-blog cms Ver.3.1.x series versions prior to Ver.3...
Moderate | Unreviewed | CVE-2024-23782 was published Jan 29, 2024

The EventON WordPress plugin before 4.4.1 does not sanitise and escape a parameter before...
Moderate | Unreviewed | CVE-2023-7200 was published Jan 29, 2024

A Cross Site Scripting (XSS) vulnerability in Sitecom WLX-2006 Wall Mount Range Extender N300 v1...
Moderate | Unreviewed | CVE-2024-40114 was published Jun 2, 2025

osTicket prior to v1.17.6 and v1.18.2 are vulnerable to Broken Access Control Vulnerability in ...
Moderate | Unreviewed | CVE-2025-45387 was published Jun 2, 2025

A vulnerability has been found in Cotonti Siena v0.9.25. Affected by this vulnerability is the...
Moderate | Unreviewed | CVE-2025-44115 was published Jun 2, 2025

Phpgurukul Medical Card Generation System v1.0 is vulnerable to HTML Injection in admin/contactus...
Moderate | Unreviewed | CVE-2024-48704 was published May 23, 2025

The Dokan WordPress plugin before 3.6.4 allows vendors to inject arbitrary javascript in product...
Moderate | Unreviewed | CVE-2022-3194 was published Jan 16, 2024

The Customer Reviews for WooCommerce WordPress plugin before 5.17.0 does not validate and escape...
Moderate | Unreviewed | CVE-2023-0079 was published Jan 16, 2024

In Splunk Enterprise versions below 9.4.2, 9.3.4 and 9.2.6, and Splunk Cloud Platform versions...
Moderate | Unreviewed | CVE-2025-20297 was published Jun 2, 2025

A stored cross-site scripting (XSS) vulnerability exists in the Management Console of multiple...
Moderate | Unreviewed | CVE-2024-3509 was published Jun 2, 2025

The simple sort&search WordPress plugin through 0.0.3 does not make sure that the indexurl...
Moderate | Unreviewed | CVE-2021-24433 was published Jan 16, 2024

A Cross-site scripting (XSS) vulnerability in login page php code in Armex ABO.CMS 5.9 allows...
Moderate | Unreviewed | CVE-2023-48858 was published Jan 17, 2024

The EventON WordPress plugin before 4.5.5, EventON WordPress plugin before 2.2.7 do not have...
Moderate | Unreviewed | CVE-2024-0238 was published Jan 16, 2024

The Qubely WordPress plugin before 1.8.5 does not validate and escape some of its block options...
Moderate | Unreviewed | CVE-2023-0376 was published Jan 16, 2024

The Ultimate Maps by Supsystic WordPress plugin before 1.2.16 does not sanitise and escape some...
Moderate | Unreviewed | CVE-2023-6732 was published Jan 16, 2024

The Product Enquiry for WooCommerce WordPress plugin before 3.2 does not sanitise and escape the...
Moderate | Unreviewed | CVE-2023-7151 was published Jan 16, 2024

The desktop application in Dot through 0.9.3 allows XSS and resultant command execution because...
High | Unreviewed | CVE-2024-57783 was published Jun 2, 2025

The hiWeb Migration Simple WordPress plugin through 2.0.0.1 does not sanitise and escape a...
Moderate | Unreviewed | CVE-2023-0769 was published Jan 16, 2024

A vulnerability was found in Mist Community Edition up to 4.7.1. It has been rated as problematic...
Moderate | Unreviewed | CVE-2025-5411 was published Jun 2, 2025

A vulnerability classified as problematic has been found in Mist Community Edition up to 4.7.1....
Moderate | Unreviewed | CVE-2025-5412 was published Jun 2, 2025

A vulnerability classified as problematic was found in juzaweb CMS up to 3.4.2. Affected by this...
Moderate | Unreviewed | CVE-2025-5420 was published Jun 2, 2025

A vulnerability has been found in chaitak-gorai Blogbook up to...
Moderate | Unreviewed | CVE-2025-5407 was published Jun 1, 2025

A vulnerability, which was classified as problematic, has been found in chaitak-gorai Blogbook up...
Moderate | Unreviewed | CVE-2025-5405 was published Jun 1, 2025

IBM Planning Analytics Local 2.0 and 2.1 is vulnerable to cross-site scripting. This...
Moderate | Unreviewed | CVE-2025-2896 was published Jun 1, 2025

IBM Planning Analytics Local 2.0 and 2.1 is vulnerable to cross-site scripting. This...
Moderate | Unreviewed | CVE-2025-25044 was published Jun 1, 2025
ProTip! Advisories are also available from the GraphQL API.