GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,744
Composer 4,746
Erlang 35
GitHub Actions 29
Go 2,319
Maven 5,603
npm 3,955
NuGet 712
pip 3,736
Pub 12
RubyGems 920
Rust 972
Swift 38

Unreviewed advisories

All unreviewed 257,832

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

31,227 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-46518 was published May 23, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed

CVE-2025-46487 was published May 23, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed

CVE-2025-46456 was published May 23, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-46493 was published May 23, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed

CVE-2025-46440 was published May 23, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed

CVE-2025-46446 was published May 23, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed

CVE-2025-39502 was published May 23, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed

CVE-2025-39505 was published May 23, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed

CVE-2025-46437 was published May 23, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed

CVE-2025-46448 was published May 23, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed

CVE-2025-32285 was published May 23, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed

CVE-2025-31636 was published May 23, 2025

The Solid Mail – SMTP email and logging made by SolidWP plugin for WordPress is vulnerable to... High Unreviewed

CVE-2025-1123 was published May 23, 2025

Text editor embedded into MegaBIP software does not neutralize user input allowing Stored XSS... Moderate Unreviewed

CVE-2025-3894 was published May 23, 2025

DobryCMS in versions 2.* and lower is vulnerable to Reflected Cross-Site Scripting (XSS).... Moderate Unreviewed

CVE-2025-4379 was published May 23, 2025

The TablePress plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via... Moderate Unreviewed

CVE-2025-5096 was published May 23, 2025

The Tournamatch plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin... Moderate Unreviewed

CVE-2025-4594 was published May 23, 2025

A reflected cross-site scripting (XSS) vulnerability exists in the authentication endpoint of... Moderate Unreviewed

CVE-2024-5962 was published May 22, 2025

Log injection vulnerabilities in ASPECT provide attacker access to inject malicious browser... Moderate Unreviewed

CVE-2024-13950 was published May 22, 2025

A reflected cross-site scripting (XSS) vulnerability exists in the sub-organization login flow of... Moderate Unreviewed

CVE-2024-7103 was published May 22, 2025

Stored Cross Site Scripting vulnerabilities exist in ASPECT if administrator creden-tials become... Moderate Unreviewed

CVE-2024-13958 was published May 22, 2025

IBM Aspera Faspex 5.0.0 through 5.0.12 is vulnerable to HTML injection. A remote attacker could... Moderate Unreviewed

CVE-2025-33138 was published May 22, 2025

The Hot Random Image plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2025-4405 was published May 22, 2025

The WooCommerce plugin for WordPress is vulnerable to PostMessage-Based Cross-Site Scripting via... Moderate Unreviewed

CVE-2025-5062 was published May 22, 2025

A Stored Cross-Site Scripting (XSS) vulnerability exists in Vtiger CRM Open Source Edition v8.3.0... Moderate Unreviewed

CVE-2025-45755 was published May 21, 2025

Previous 1 2 3 4 5 6 7 8 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

31,227 advisories