Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,344
Erlang
31
GitHub Actions
22
Go
2,112
Maven
5,000+
npm
3,767
NuGet
680
pip
3,453
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

25,361 advisories

Loading
IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20... Moderate Unreviewed
CVE-2024-52365 was published Feb 5, 2025
IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20... Moderate Unreviewed
CVE-2024-52364 was published Feb 5, 2025
Adobe Experience Manager versions 6.5.21 and earlier are affected by a DOM-based Cross-Site... Moderate Unreviewed
CVE-2024-53963 was published Feb 5, 2025
Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site... Moderate Unreviewed
CVE-2024-53964 was published Feb 5, 2025
Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site... Moderate Unreviewed
CVE-2024-53962 was published Feb 5, 2025
Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site... Moderate Unreviewed
CVE-2024-53966 was published Feb 5, 2025
Adobe Experience Manager versions 6.5.21 and earlier are affected by a DOM-based Cross-Site... Moderate Unreviewed
CVE-2024-53965 was published Feb 5, 2025
IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 is vulnerable to cross... Moderate Unreviewed
CVE-2024-40700 was published Feb 4, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-22697 was published Feb 4, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-22675 was published Feb 4, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-22674 was published Feb 4, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-22653 was published Feb 4, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-22664 was published Feb 4, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-22642 was published Feb 4, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-22662 was published Feb 4, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-22641 was published Feb 4, 2025
The Qi Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed
CVE-2024-13699 was published Feb 4, 2025
Authentik project is vulnerable to Stored XSS attacks through uploading crafted SVG files that... Moderate Unreviewed
CVE-2024-11623 was published Feb 4, 2025
The SKT Blocks – Gutenberg based Page Builder plugin for WordPress is vulnerable to Stored Cross... Moderate Unreviewed
CVE-2024-13733 was published Feb 4, 2025
The WPForms – Easy Form Builder for WordPress – Contact Forms, Payment Forms, Surveys, & More... Moderate Unreviewed
CVE-2024-13403 was published Feb 4, 2025
The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross... Moderate Unreviewed
CVE-2024-12597 was published Feb 4, 2025
Cross Site Scripting vulnerability in Quorum onQ OS v.6.0.0.5.2064 allows a remote attacker to... Moderate Unreviewed
CVE-2024-44449 was published Feb 3, 2025
itsourcecode Placement Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via the... Moderate Unreviewed
CVE-2024-50656 was published Feb 3, 2025
Cross Site Scripting vulnerability in sayski ForestBlog 20241223 allows a remote attacker to... Moderate Unreviewed
CVE-2024-57498 was published Feb 3, 2025
ClassCMS 4.8 is vulnerable to Cross Site Scripting (XSS) in class/admin/channel.php. Moderate Unreviewed
CVE-2024-57097 was published Feb 3, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database