GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,746
Erlang: 35
GitHub Actions: 29
Go: 2,319
Maven: 5,000+
npm: 3,955
NuGet: 712
pip: 3,736
Pub: 12
RubyGems: 920
Rust: 972
Swift: 38
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,312 advisories
A cross-site scripting (XSS) vulnerability in the Web Reports component of HCL BigFix Platform...
Low, Unreviewed. CVE-2024-23553 was published Feb 2, 2024

The SureForms WordPress plugin before 1.4.4 does not sanitise and escape some of its Form...
Low, Unreviewed. CVE-2025-3513 was published May 2, 2025

The SureForms WordPress plugin before 1.4.4 does not sanitise and escape some of its Form...
Low, Unreviewed. CVE-2025-3514 was published May 2, 2025

The Simple Video Management System WordPress plugin through 1.0.4 does not sanitise and escape...
Low, Unreviewed. CVE-2025-0692 was published Feb 13, 2025

The Everest Forms WordPress plugin before 3.0.8.1 does not sanitise and escape some of its...
Low, Unreviewed. CVE-2024-13125 was published Feb 13, 2025

The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile &...
Low, Unreviewed. CVE-2024-13121 was published Feb 13, 2025

The Flattr WordPress plugin through 1.2.2 does not sanitise and escape some of its settings,...
Low, Unreviewed. CVE-2024-3920 was published May 23, 2024

Input provided in a field containing "activationMessage" in Konsola Proget is not sanitized...
Low, Unreviewed. CVE-2025-1420 was published May 21, 2025

Input provided in comment section of Konsola Proget is not sanitized correctly, allowing a high...
Low, Unreviewed. CVE-2025-1419 was published May 21, 2025

Cross-site scripting (XSS) in Icewarp Mail Server affecting version 11.4.0. This vulnerability...
Low, Unreviewed. CVE-2025-40632 was published May 16, 2025

The WordPress WP-Advanced-Search WordPress plugin before 3.3.9.3 does not sanitise and escape...
Low, Unreviewed. CVE-2024-10554 was published Mar 25, 2025

The Photo Gallery, Sliders, Proofing and WordPress plugin before 3.59.9 does not sanitise and...
Low, Unreviewed. CVE-2024-10545 was published Feb 25, 2025

The YaDisk Files WordPress plugin through 1.2.5 does not sanitise and escape some of its settings...
Low, Unreviewed. CVE-2024-10710 was published Nov 25, 2024

The Button contact VR WordPress plugin through 4.7 does not sanitise and escape some of its...
Low, Unreviewed. CVE-2024-2220 was published May 23, 2024

The Photo Gallery, Images, Slider in Rbs Image Gallery WordPress plugin before 3.2.22 does not...
Low, Unreviewed. CVE-2024-10102 was published Jan 7, 2025

The Photo Gallery by 10Web WordPress plugin before 1.8.33 does not sanitise and escape some of...
Low, Unreviewed. CVE-2024-13124 was published Mar 24, 2025

The Crelly Slider WordPress plugin before 1.4.7 does not sanitise and escape some of its settings...
Low, Unreviewed. CVE-2024-13116 was published Jan 27, 2025

The Form Maker by 10Web WordPress plugin before 1.15.30 does not sanitise and escape some of its...
Low, Unreviewed. CVE-2024-10558 was published Mar 24, 2025

The EasyEvent WordPress plugin through 1.0.0 does not sanitise and escape some of its settings,...
Low, Unreviewed. CVE-2024-3628 was published May 7, 2024

The Social Media Share Buttons & Social Sharing Icons WordPress plugin before 2.8.9 does not...
Low, Unreviewed. CVE-2024-2118 was published Apr 17, 2024

The Floating Chat Widget: Contact Chat Icons, WhatsApp, Telegram Chat, Line Messenger, WeChat,...
Low, Unreviewed. CVE-2024-2972 was published Apr 24, 2024

The Form Maker by 10Web WordPress plugin before 1.15.31 does not sanitise and escape some of its...
Low, Unreviewed. CVE-2024-10562 was published Jan 7, 2025

The Calculated Fields Form WordPress plugin before 5.2.62 does not sanitise and escape some of...
Low, Unreviewed. CVE-2024-13381 was published May 1, 2025

The WP Maps WordPress plugin before 4.7.2 does not sanitise and escape some of its Map settings,...
Low, Unreviewed. CVE-2025-3502 was published May 1, 2025

The WP Maps WordPress plugin before 4.7.2 does not sanitise and escape some of its Map settings,...
Low, Unreviewed. CVE-2025-3504 was published May 1, 2025
ProTip! Advisories are also available from the GraphQL API.