Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,354
Erlang
31
GitHub Actions
22
Go
2,120
Maven
5,000+
npm
3,779
NuGet
681
pip
3,460
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

1,908 advisories

Loading
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-24551 was published Jan 31, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-24560 was published Jan 31, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-24608 was published Jan 31, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-24535 was published Jan 31, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-24635 was published Jan 31, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-24609 was published Jan 31, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-24632 was published Jan 31, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-24718 was published Jan 31, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-24710 was published Jan 31, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-24686 was published Jan 31, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-22564 was published Jan 31, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-23671 was published Jan 31, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-23596 was published Jan 31, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-23759 was published Jan 31, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-22332 was published Jan 31, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-22341 was published Jan 31, 2025
The Shared Files – Frontend File Upload Form & Secure File Sharing plugin for WordPress is... High Unreviewed
CVE-2024-13504 was published Jan 31, 2025
The Link Fixer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via broken links... High Unreviewed
CVE-2025-0809 was published Jan 31, 2025
A Stored Cross-Site Scripting vulnerability has been found in EmbedAI. This vulnerability allows... High Unreviewed
CVE-2025-0747 was published Jan 30, 2025
The Flexible Wishlist for WooCommerce – Ecommerce Wishlist & Save for later plugin for WordPress... High Unreviewed
CVE-2024-13696 was published Jan 29, 2025
Pimcore Authenticated Stored Cross-Site Scripting (XSS) Via Search Document High
GHSA-xr3m-6gq6-22cg was published for pimcore/pimcore (Composer) Jan 28, 2025
maeitsec
The WS Form LITE – Drag & Drop Contact Form Builder for WordPress plugin for WordPress is... High Unreviewed
CVE-2024-13509 was published Jan 28, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-24626 was published Jan 27, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-24708 was published Jan 27, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-24593 was published Jan 27, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database