Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,342
Erlang
31
GitHub Actions
22
Go
2,106
Maven
5,000+
npm
3,764
NuGet
679
pip
3,451
Pub
12
RubyGems
892
Rust
886
Swift
37
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

25,287 advisories

Loading
Homarr before v0.14.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability... Moderate Unreviewed
CVE-2023-45908 was published Jan 21, 2025
OrangeScrum v2.0.11 is vulnerable to Cross Site Scripting (XSS). An attacker can inject malicious... Moderate Unreviewed
CVE-2024-48392 was published Jan 21, 2025
Northern.tech CFEngine Enterprise Mission Portal 3.24.0, 3.21.5, and below allows XSS. The fixed... Moderate Unreviewed
CVE-2024-55958 was published Jan 21, 2025
In JetBrains TeamCity before 2024.12.1 reflected XSS was possible on the Vault Connection page Moderate Unreviewed
CVE-2025-24459 was published Jan 21, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-22276 was published Jan 21, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-22661 was published Jan 21, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-22267 was published Jan 21, 2025
SpagoBI v3.5.1 contains multiple Stored Cross-Site Scripting (XSS) vulnerabilities in the create... Moderate Unreviewed
CVE-2024-54795 was published Jan 21, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-22718 was published Jan 21, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-22727 was published Jan 21, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-22732 was published Jan 21, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-22825 was published Jan 21, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-22262 was published Jan 21, 2025
PHPGurukul Hospital Management System 4.0 is vulnerable to Cross Site Scripting (XSS) in /edit... Moderate Unreviewed
CVE-2024-56998 was published Jan 21, 2025
PHPGurukul Hospital Management System 4.0 is vulnerable to Cross Site Scripting (XSS) in /doctor... Moderate Unreviewed
CVE-2024-56997 was published Jan 21, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-23997 was published Jan 21, 2025
The FireCask Like & Share Button plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2024-11226 was published Jan 21, 2025
The Betheme plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's... Moderate Unreviewed
CVE-2025-0450 was published Jan 21, 2025
The Link Library plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ... Moderate Unreviewed
CVE-2024-13404 was published Jan 21, 2025
The JetElements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several... Moderate Unreviewed
CVE-2025-0371 was published Jan 21, 2025
The a+HRD from aEnrich Technology has a Reflected Cross-site Scripting vulnerability, allowing... Moderate Unreviewed
CVE-2025-0583 was published Jan 20, 2025
A vulnerability classified as problematic has been found in CampCodes School Management Software... Moderate Unreviewed
CVE-2025-0581 was published Jan 20, 2025
A vulnerability was found in Facile Sistemas Cloud Apps up to 20250107. It has been classified as... Moderate Unreviewed
CVE-2025-0578 was published Jan 20, 2025
A vulnerability was found in Mobotix M15 4.3.4.83 and classified as problematic. This issue... Moderate Unreviewed
CVE-2025-0576 was published Jan 20, 2025
The Import any XML or CSV File to WordPress PRO plugin for WordPress is vulnerable to Stored... Moderate Unreviewed
CVE-2024-8722 was published Jan 19, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database