Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,819
Erlang
36
GitHub Actions
32
Go
2,410
Maven
5,000+
npm
4,046
NuGet
723
pip
3,842
Pub
12
RubyGems
933
Rust
1,003
Swift
38
Unreviewed advisories
All unreviewed
5,000+

36,208 advisories

Loading
IBM QRadar SIEM 7.5 through 7.5.0 Update Pack 12 is vulnerable to stored cross-site scripting.... Moderate Unreviewed
CVE-2025-33118 was published Aug 1, 2025
A stored Cross-Site Scripting (XSS) vulnerability exists in the qureydetails.php page of... Moderate Unreviewed
CVE-2025-50869 was published Aug 1, 2025
Microweber has Reflected XSS Vulnerability in the layout Parameter Moderate
CVE-2025-51502 was published for microweber/microweber (Composer) Aug 1, 2025
Microweber has Reflected XSS Vulnerability in the id Parameter Moderate
CVE-2025-51501 was published for microweber/microweber (Composer) Aug 1, 2025
Microweber XSS Vulnerability in the homepage Endpoint Moderate
CVE-2025-51504 was published for microweber/microweber (Composer) Aug 1, 2025
A stored cross-site scripting (XSS) vulnerability in The Language Sloth Web Application v1.0... Moderate Unreviewed
CVE-2025-45778 was published Aug 1, 2025
The Sina Extension for Elementor (Header Builder, Footer Builter, Theme Builder, Slider, Gallery,... Moderate Unreviewed
CVE-2025-6228 was published Aug 1, 2025
The BlockSpare: Gutenberg Blocks & Patterns for Blogs, Magazines, Business Sites – Post Grids,... Moderate Unreviewed
CVE-2025-4684 was published Aug 1, 2025
The The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu,... Moderate Unreviewed
CVE-2025-7646 was published Aug 1, 2025
The Stratum – Elementor Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed
CVE-2025-7845 was published Aug 1, 2025
The Photos, Files, YouTube, Twitter, Instagram, TikTok, Ecommerce Contest Gallery – Upload, Vote,... High Unreviewed
CVE-2025-7725 was published Aug 1, 2025
A cross-site scripting (XSS) vulnerability in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 allows... High Unreviewed
CVE-2025-26064 was published Jul 31, 2025
Cross-site scripting vulnerability has been identified in HPE Telco Service Activator product Low Unreviewed
CVE-2025-37108 was published Jul 31, 2025
A stored cross-site scripting (XSS) vulnerability exists in DevaslanPHP project-management v1.2.4... High Unreviewed
CVE-2025-52203 was published Jul 31, 2025
CloudClassroom-PHP-Project 1.0 contains a reflected Cross-site Scripting (XSS) vulnerability in... Moderate Unreviewed
CVE-2025-50866 was published Jul 31, 2025
Microweber Has Stored XSS Vulnerability in User Profile Fields Low
CVE-2025-51503 was published for microweber/microweber (Composer) Jul 31, 2025
A file upload vulnerability was discovered in CS Cart 4.18.3, allows attackers to execute... Moderate Unreviewed
CVE-2025-50848 was published Jul 31, 2025
A cross-site scripting (XSS) vulnerability exists in the LB-Link BL-CPE300M 01.01.02P42U14_06... Moderate Unreviewed
CVE-2025-51569 was published Jul 31, 2025
A stored Cross Site Scripting (xss) vulnerability in the "content management" feature in AnQiCMS... Moderate Unreviewed
CVE-2025-50270 was published Jul 31, 2025
copyparty Reflected XSS via Filter Parameter Moderate
CVE-2025-54589 was published for copyparty (pip) Jul 31, 2025
Ju0x
A Stored Cross Site Scripting vulnerability has been found in UltimatePOS by UltimateFosters.... Moderate Unreviewed
CVE-2025-40980 was published Jul 31, 2025
A vulnerability classified as problematic was found in Campcodes Online Hotel Reservation System... Moderate Unreviewed
CVE-2025-8380 was published Jul 31, 2025
Apache JSPWiki Cross-Site Scripting (XSS) Vulnerability via Header Link Rendering Moderate
CVE-2025-24853 was published for org.apache.jspwiki:jspwiki-main (Maven) Jul 31, 2025
Apache JSPWiki Cross-Site Scripting (XSS) Vulnerability in the Image Plugin Moderate
CVE-2025-24854 was published for org.apache.jspwiki:jspwiki-main (Maven) Jul 31, 2025
The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2025-7205 was published Jul 31, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database