GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,713
Composer 4,743
Erlang 35
GitHub Actions 29
Go 2,315
Maven 5,600
npm 3,949
NuGet 711
pip 3,729
Pub 12
RubyGems 920
Rust 965
Swift 38

Unreviewed advisories

All unreviewed 257,478

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

34,836 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

A vulnerability was found in Astun Technology iShare Maps 5.4.0. It has been rated as problematic... Moderate Unreviewed

CVE-2025-5377 was published May 31, 2025

A vulnerability classified as problematic has been found in Astun Technology iShare Maps 5.4.0.... Moderate Unreviewed

CVE-2025-5378 was published May 31, 2025

A vulnerability was found in Yifang CMS up to 2.0.2 and classified as problematic. Affected by... Moderate Unreviewed

CVE-2025-5383 was published May 31, 2025

The FastSpring plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's... Moderate Unreviewed

CVE-2025-4595 was published May 31, 2025

The Borderless – Elementor Addons and Templates plugin for WordPress is vulnerable to Stored... Moderate Unreviewed

CVE-2025-5290 was published May 31, 2025

The Product Subtitle for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2025-5285 was published May 31, 2025

The Daisycon prijsvergelijkers plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed

CVE-2025-4590 was published May 31, 2025

The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2025-3813 was published May 31, 2025

The Element Pack Addons for Elementor – Best Elementor addons with Ready Templates, Blocks,... Moderate Unreviewed

CVE-2025-5292 was published May 31, 2025

The Relevanssi – A Better Search plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2025-5016 was published May 31, 2025

Chrome PHP is missing encoding in `CssSelector` Moderate

CVE-2025-48883 was published for chrome-php/chrome (Composer) May 28, 2025

Moodle stored Cross-site Scripting (XSS) Moderate

CVE-2024-33997 was published for moodle/moodle (Composer) May 31, 2024

The FormFlow: WhatsApp Social and Advanced Form Builder with Easy Lead Collection WordPress... Moderate Unreviewed

CVE-2024-3113 was published Jul 30, 2024

The Inline Related Posts WordPress plugin before 3.8.0 does not sanitise and escape some of its... Moderate Unreviewed

CVE-2024-6487 was published Jul 29, 2024

Black Rainbow NIMBUS before 3.7.0 allows stored Cross-site Scripting (XSS). Moderate Unreviewed

CVE-2022-24967 was published Jun 3, 2022

An issue was discovered in Vaultize Enterprise File Sharing 17.05.31. There is anonymous... Moderate Unreviewed

CVE-2018-10208 was published May 14, 2022

An issue was discovered in Vaultize Enterprise File Sharing 17.05.31. There is Stored XSS via the... Moderate Unreviewed

CVE-2018-10206 was published May 14, 2022

An issue was discovered in Vaultize Enterprise File Sharing 17.05.31. There is Stored XSS on the... Moderate Unreviewed

CVE-2018-10209 was published May 14, 2022

An issue was discovered in Vaultize Enterprise File Sharing 17.05.31. There is XSS in invitation... Moderate Unreviewed

CVE-2018-10213 was published May 14, 2022

The Donation Block For PayPal WordPress plugin through 2.1.0 does not sanitise and escape form... Moderate Unreviewed

CVE-2024-6021 was published Jul 30, 2024

The Genesis Blocks WordPress plugin before 3.1.3 does not properly escape data input provided to... Moderate Unreviewed

CVE-2024-2761 was published Apr 19, 2024

The Popup4Phone WordPress plugin through 1.3.2 does not sanitise and escape some parameters,... Moderate Unreviewed

CVE-2024-3231 was published May 17, 2024

The WP STAGING WordPress Backup Plugin WordPress plugin before 3.4.0, wp-staging-pro WordPress... Moderate Unreviewed

CVE-2024-2309 was published Apr 17, 2024

Vound Intella Connect 2.6.0.3 is vulnerable to stored Cross-site Scripting (XSS). Moderate Unreviewed

CVE-2023-35792 was published Jul 31, 2023

Interact 7.9.79.5 allows stored Cross-site Scripting (XSS) attacks in several locations, allowing... Moderate Unreviewed

CVE-2023-41103 was published Sep 11, 2023

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

34,836 advisories