GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,417
Composer 4,951
Erlang 39
GitHub Actions 38
Go 2,607
Maven 6,062
npm 4,251
NuGet 757
pip 4,017
Pub 12
RubyGems 953
Rust 1,049
Swift 45

Unreviewed advisories

All unreviewed 275,244

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

3,010 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed

CVE-2025-49063 was published Aug 14, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed

CVE-2025-49065 was published Aug 14, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed

CVE-2025-49057 was published Aug 14, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed

CVE-2025-49062 was published Aug 14, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed

CVE-2025-49054 was published Aug 14, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed

CVE-2025-49058 was published Aug 14, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed

CVE-2025-49056 was published Aug 14, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed

CVE-2025-49064 was published Aug 14, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed

CVE-2025-52788 was published Aug 14, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed

CVE-2025-49038 was published Aug 14, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed

CVE-2025-47689 was published Aug 14, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed

CVE-2025-30626 was published Aug 14, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed

CVE-2025-49037 was published Aug 14, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed

CVE-2025-28999 was published Aug 14, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed

CVE-2025-28975 was published Aug 14, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed

CVE-2025-29014 was published Aug 14, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed

CVE-2025-31007 was published Aug 14, 2025

An issue has been discovered in GitLab CE/EE affecting all versions from 14.2 before 18.0.6, 18.1... High Unreviewed

CVE-2025-7734 was published Aug 13, 2025

An issue has been discovered in GitLab CE/EE affecting all versions from 18.1 before 18.1.4, and... High Unreviewed

CVE-2025-6186 was published Aug 13, 2025

An issue has been discovered in GitLab CE/EE affecting all versions from 18.2 before 18.2.2 that,... High Unreviewed

CVE-2025-7739 was published Aug 13, 2025

Magento Cross-site Scripting vulnerability High

CVE-2025-49557 was published for magento/community-edition (Composer) Aug 12, 2025

The /users endpoint in Statamic Core before 2.11.8 allows XSS to add an administrator user. This... High Unreviewed

CVE-2020-9322 was published Aug 8, 2025

A cross-site scripting (XSS) vulnerability in the PdfViewer component of Agenzia Impresa Eccobook... High Unreviewed

CVE-2025-51629 was published Aug 7, 2025

Cross-site scripting (XSS) vulnerability in Zone Bitaqati thru 3.4.0. High Unreviewed

CVE-2025-51624 was published Aug 6, 2025

Maxthon3 versions prior to 3.3 are vulnerable to cross context scripting (XCS) via the about... High Unreviewed

CVE-2012-10032 was published Aug 5, 2025

Previous 1…7…121 Next

Previous 1 2 … 5 6 7 8 9 … 120 121 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

3,010 advisories