GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,324
Erlang
31
GitHub Actions
21
Go
2,087
Maven
5,000+
npm
3,751
NuGet
674
pip
3,437
Pub
12
RubyGems
892
Rust
881
Swift
37
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
24,960 advisories
Filter by severity
The DWT - Directory & Listing WordPress Theme is vulnerable to Reflected Cross-Site Scripting in...
Moderate
Unreviewed
CVE-2025-0170
was published
Jan 16, 2025
A cross-site scripting (XSS) vulnerability in Process Maker pm4core-docker 4.1.21-RC7 allows...
Moderate
Unreviewed
CVE-2024-41453
was published
Jan 16, 2025
The UpdraftPlus: WP Backup & Migration Plugin plugin for WordPress is vulnerable to Reflected...
Moderate
Unreviewed
CVE-2025-0215
was published
Jan 16, 2025
The issue was addressed with improved input sanitization. This issue is fixed in Apple Music 1.5...
Moderate
Unreviewed
CVE-2024-54540
was published
Jan 15, 2025
A vulnerability has been found in Fanli2012 native-php-cms 1.0 and classified as problematic....
Moderate
Unreviewed
CVE-2025-0483
was published
Jan 15, 2025
A vulnerability was found in Fanli2012 native-php-cms 1.0. It has been classified as problematic....
Moderate
Unreviewed
CVE-2025-0485
was published
Jan 15, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate
Unreviewed
CVE-2025-22759
was published
Jan 15, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate
Unreviewed
CVE-2025-22761
was published
Jan 15, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate
Unreviewed
CVE-2025-22769
was published
Jan 15, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate
Unreviewed
CVE-2025-22758
was published
Jan 15, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate
Unreviewed
CVE-2025-22762
was published
Jan 15, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate
Unreviewed
CVE-2025-22780
was published
Jan 15, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate
Unreviewed
CVE-2025-22781
was published
Jan 15, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate
Unreviewed
CVE-2025-22788
was published
Jan 15, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate
Unreviewed
CVE-2025-22798
was published
Jan 15, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate
Unreviewed
CVE-2025-22797
was published
Jan 15, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate
Unreviewed
CVE-2025-22734
was published
Jan 15, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate
Unreviewed
CVE-2025-22329
was published
Jan 15, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate
Unreviewed
CVE-2025-22745
was published
Jan 15, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate
Unreviewed
CVE-2025-22738
was published
Jan 15, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate
Unreviewed
CVE-2025-22724
was published
Jan 15, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate
Unreviewed
CVE-2025-22587
was published
Jan 15, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate
Unreviewed
CVE-2025-22742
was published
Jan 15, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate
Unreviewed
CVE-2025-22746
was published
Jan 15, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate
Unreviewed
CVE-2025-22743
was published
Jan 15, 2025
ProTip!
Advisories are also available from the
GraphQL API