Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,356
Erlang
31
GitHub Actions
22
Go
2,120
Maven
5,000+
npm
3,782
NuGet
681
pip
3,460
Pub
12
RubyGems
893
Rust
892
Swift
38
Unreviewed advisories
All unreviewed
5,000+

28,185 advisories

Loading
Cross Site Scripting vulnerability in sayski ForestBlog 20241223 allows a remote attacker to... Moderate Unreviewed
CVE-2024-57498 was published Feb 3, 2025
ClassCMS 4.8 is vulnerable to Cross Site Scripting (XSS) in class/admin/channel.php. Moderate Unreviewed
CVE-2024-57097 was published Feb 3, 2025
The Eventer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes in... Moderate Unreviewed
CVE-2024-11132 was published Feb 3, 2025
A Stored Cross-Site Scripting (XSS) vulnerability was identified in the PHPGURUKUL Online Birth... Moderate Unreviewed
CVE-2024-57175 was published Feb 3, 2025
An issue was discovered in NRadio N8-180 NROS-1.9.2.n3.c5 devices. The /cgi-bin/luci/nradio/basic... Moderate Unreviewed
CVE-2024-53943 was published Feb 3, 2025
PhpSpreadsheet allows bypassing of XSS sanitizer using the javascript protocol and special characters Moderate
CVE-2025-23210 was published for phpoffice/phpspreadsheet (Composer) Feb 3, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-23581 was published Feb 3, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-23561 was published Feb 3, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-23747 was published Feb 3, 2025
SourceCodester Packers and Movers Management System v1.0 is vulnerable to Cross Site Scripting ... Moderate Unreviewed
CVE-2024-57522 was published Feb 3, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-22292 was published Feb 3, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-22683 was published Feb 3, 2025
The Essential WP Real Estate WordPress plugin through 1.1.3 does not escape generated URLs before... Moderate Unreviewed
CVE-2024-13347 was published Feb 3, 2025
An XSS issue was discovered in Backdrop CMS 1.28.x before 1.28.5 and 1.29.x before 1.29.3. It... Moderate Unreviewed
CVE-2025-25063 was published Feb 3, 2025
An XSS issue was discovered in Backdrop CMS 1.28.x before 1.28.5 and 1.29.x before 1.29.3. It... Moderate Unreviewed
CVE-2025-25062 was published Feb 3, 2025
A vulnerability classified as problematic has been found in Zenvia Movidesk up to 25.01.22. This... Moderate Unreviewed
CVE-2025-0972 was published Feb 3, 2025
A vulnerability was found in Zenvia Movidesk up to 25.01.22. It has been rated as problematic.... Moderate Unreviewed
CVE-2025-0971 was published Feb 3, 2025
A vulnerability, which was classified as problematic, has been found in code-projects Job... Moderate Unreviewed
CVE-2025-0961 was published Feb 2, 2025
The Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss... Moderate Unreviewed
CVE-2024-13612 was published Feb 1, 2025
The The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu,... Moderate Unreviewed
CVE-2024-11829 was published Feb 1, 2025
The Responsive iframe WordPress plugin through 1.2.0 does not validate and escape some of its... Moderate Unreviewed
CVE-2024-12768 was published Feb 1, 2025
The Site Search 360 plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed
CVE-2024-11780 was published Feb 1, 2025
The aThemes Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2024-13547 was published Feb 1, 2025
IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4.0 through 3.2.4.1... Moderate Unreviewed
CVE-2024-49349 was published Jan 31, 2025
IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4.0 through 3.2.4.1... Moderate Unreviewed
CVE-2024-49339 was published Jan 31, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database