Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,354
Erlang
31
GitHub Actions
22
Go
2,120
Maven
5,000+
npm
3,779
NuGet
681
pip
3,460
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

31,798 advisories

Loading
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-25077 was published Feb 7, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-25076 was published Feb 7, 2025
A vulnerability, which was classified as problematic, was found in Animati PACS up to 1.24.12.09... Moderate Unreviewed
CVE-2025-1085 was published Feb 7, 2025
A vulnerability classified as problematic has been found in Mindskip xzs-mysql 学之思开源考试系统 3.9.0.... Moderate Unreviewed
CVE-2025-1082 was published Feb 7, 2025
IBM Jazz for Service Management 1.1.3 through 1.1.3.23 is vulnerable to cross-site scripting.... Moderate Unreviewed
CVE-2024-52892 was published Feb 6, 2025
Tiny File Manager v2.4.7 and below was discovered to contain a Cross Site Scripting (XSS)... Moderate Unreviewed
CVE-2022-40490 was published Feb 6, 2025
PHPJabbers Cinema Booking System v2.0 is vulnerable to reflected cross-site scripting (XSS).... Moderate Unreviewed
CVE-2024-57427 was published Feb 6, 2025
A stored cross-site scripting (XSS) vulnerability in PHPJabbers Cinema Booking System v2.0 exists... Critical Unreviewed
CVE-2024-57428 was published Feb 6, 2025
Cross Site Scripting vulnerability in DouPHP v.1.8 Release 20231203 allows attackers to execute... Moderate Unreviewed
CVE-2024-57599 was published Feb 6, 2025
A cross-site scripting (xss) vulnerability exists in the dataset upload functionality of ClearML... Critical Unreviewed
CVE-2024-39272 was published Feb 6, 2025
Parsed HTML anchor links in Markdown provided to parseMarkdown can result in XSS in @nuxtjs/mdc Critical
CVE-2025-24981 was published for @nuxtjs/mdc (npm) Feb 6, 2025
lirantal
A Stored Cross-Site Scripting (Stored XSS) vulnerability has been found in the Holded application... Moderate Unreviewed
CVE-2025-1076 was published Feb 6, 2025
IBM ApplinX 11.1 is vulnerable to cross-site scripting. This vulnerability allows an... Moderate Unreviewed
CVE-2024-49792 was published Feb 6, 2025
IBM ApplinX 11.1 is vulnerable to cross-site scripting. This vulnerability allows an... Moderate Unreviewed
CVE-2024-49791 was published Feb 6, 2025
IBM ApplinX 11.1 is vulnerable to cross-site scripting. This vulnerability allows an... Moderate Unreviewed
CVE-2024-49793 was published Feb 6, 2025
IBM Aspera Shares 1.9.0 through 1.10.0 PL6 is vulnerable to cross-site scripting. This... Moderate Unreviewed
CVE-2024-38317 was published Feb 6, 2025
IBM Aspera Shares 1.9.0 through 1.10.0 PL6 is vulnerable to stored cross-site scripting. This... Moderate Unreviewed
CVE-2024-56472 was published Feb 6, 2025
The LikeBot WordPress plugin through 0.85 does not have CSRF check in some places, and is... Moderate Unreviewed
CVE-2025-0522 was published Feb 6, 2025
A Stored Cross-Site Scripting (XSS) vulnerability was identified affecting Skybox Change Manager... Moderate Unreviewed
CVE-2024-54853 was published Feb 6, 2025
Better Auth URL parameter HTML Injection (Reflected Cross-Site scripting) Critical
GHSA-9x4v-xfq5-m8x5 was published for better-auth (npm) Feb 5, 2025
Eriner
MobSF Stored Cross-Site Scripting (XSS) High
CVE-2025-24803 was published for mobsf (pip) Feb 5, 2025
A stored cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP... Moderate Unreviewed
CVE-2025-24320 was published Feb 5, 2025
A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure... Moderate Unreviewed
CVE-2025-20180 was published Feb 5, 2025
A vulnerability in the web-based management interface of Cisco Expressway Series could allow an... Moderate Unreviewed
CVE-2025-20179 was published Feb 5, 2025
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE)... Moderate Unreviewed
CVE-2025-20204 was published Feb 5, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database