GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,300
Erlang: 31
GitHub Actions: 21
Go: 2,069
Maven: 5,000+
npm: 3,744
NuGet: 668
pip: 3,429
Pub: 12
RubyGems: 892
Rust: 880
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
27,346 advisories
IBM watsonx.ai 1.1 through 2.0.3 and IBM watsonx.ai on Cloud Pak for Data 4.8 through 5.0.3 is...
Moderate | Unreviewed | CVE-2024-49785 was published Jan 12, 2025
IBM Jazz Foundation 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to cross-site scripting....
Moderate | Unreviewed | CVE-2021-29669 was published Jan 12, 2025
The Push Notification for Post and BuddyPress plugin for WordPress is vulnerable to Reflected...
Moderate | Unreviewed | CVE-2024-12407 was published Jan 11, 2025
The GatorMail SmartForms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...
Moderate | Unreviewed | CVE-2024-11386 was published Jan 11, 2025
The WP SPID Italia plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
Moderate | Unreviewed | CVE-2024-11758 was published Jan 11, 2025
The Rental and Booking Manager for Bike, Car, Dress, Resort with WooCommerce Integration –...
Moderate | Unreviewed | CVE-2024-12412 was published Jan 11, 2025
The Grid Accordion Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
Moderate | Unreviewed | CVE-2024-11874 was published Jan 11, 2025
The Dominion – Domain Checker for WPBakery plugin for WordPress is vulnerable to Stored Cross...
Moderate | Unreviewed | CVE-2024-12520 was published Jan 11, 2025
The Perfect Portal Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...
Moderate | Unreviewed | CVE-2024-12527 was published Jan 11, 2025
The TCBD Auto Refresher plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
Moderate | Unreviewed | CVE-2024-12519 was published Jan 11, 2025
The Accordion Slider Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...
Moderate | Unreviewed | CVE-2024-11892 was published Jan 11, 2025
The Gutenberg Blocks with AI by Kadence WP – Page Builder Features plugin for WordPress is...
Moderate | Unreviewed | CVE-2024-12304 was published Jan 11, 2025
The ClickWhale – Link Manager, Link Shortener and Click Tracker for Affiliate Links & Link Pages...
Moderate | Unreviewed | CVE-2024-11327 was published Jan 11, 2025
The Trackserver plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin...
Moderate | Unreviewed | CVE-2024-12505 was published Jan 11, 2025
A reflected cross-site scripting (XSS) vulnerability in Palo Alto Networks Expedition enables...
High | Unreviewed | CVE-2025-0104 was published Jan 11, 2025
An issue was discovered in REDCap 14.9.6. A stored cross-site scripting (XSS) vulnerability...
Moderate | Unreviewed | CVE-2025-23112 was published Jan 11, 2025
An issue was discovered in REDCap 14.9.6. A Reflected cross-site scripting (XSS) vulnerability in...
Moderate | Unreviewed | CVE-2025-23110 was published Jan 11, 2025
An issue was discovered in REDCap 14.9.6. It allows HTML Injection via the Survey field name,...
Moderate | Unreviewed | CVE-2025-23111 was published Jan 11, 2025
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Unknown | Unreviewed | CVE-2025-23079 was published Jan 10, 2025
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Unknown | Unreviewed | CVE-2025-23078 was published Jan 10, 2025
A Cross Site Scripting (XSS) vulnerability was found in /landrecordsys/admin/contactus.php in...
Critical | Unreviewed | CVE-2024-57686 was published Jan 10, 2025
The Orbit Fox by ThemeIsle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...
Moderate | Unreviewed | CVE-2024-13183 was published Jan 10, 2025
The Orbit Fox by ThemeIsle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...
Moderate | Unreviewed | CVE-2025-0311 was published Jan 10, 2025
A stored cross-site scripting (XSS) vulnerability in the built-in messenger of REDCap 14.9.6...
Moderate | Unreviewed | CVE-2024-56376 was published Jan 10, 2025
A stored cross-site scripting (XSS) vulnerability in survey titles of REDCap 14.9.6 allows...
Moderate | Unreviewed | CVE-2024-56377 was published Jan 10, 2025
ProTip! Advisories are also available from the GraphQL API.