GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,497
Composer 4,963
Erlang 39
GitHub Actions 38
Go 2,615
Maven 6,096
npm 4,255
NuGet 760
pip 4,036
Pub 12
RubyGems 953
Rust 1,049
Swift 45

Unreviewed advisories

All unreviewed 275,671

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

34,110 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The kallyas theme for WordPress is vulnerable to Stored Cross-Site Scripting via several of the... Moderate Unreviewed

CVE-2025-6988 was published Nov 1, 2025

The Employee Spotlight – Team Member Showcase & Meet the Team Plugin plugin for WordPress is... Moderate Unreviewed

CVE-2025-12090 was published Nov 1, 2025

The Schema Scalpel plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the post... Moderate Unreviewed

CVE-2025-12118 was published Nov 1, 2025

The Schema & Structured Data for WP & AMP plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2025-11502 was published Nov 1, 2025

The Flying Images: Optimize and Lazy Load Images for Faster Page Speed plugin for WordPress is... Moderate Unreviewed

CVE-2025-11927 was published Nov 1, 2025

The Community Events plugin for WordPress is vulnerable to Stored Cross-Site Scripting via event... High Unreviewed

CVE-2025-11995 was published Nov 1, 2025

The CSS & JavaScript Toolbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed

CVE-2025-11928 was published Nov 1, 2025

The Inactive Logout plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2025-11922 was published Nov 1, 2025

A vulnerability was determined in LogicalDOC Community Edition up to 9.2.1. This affects an... Moderate Unreviewed

CVE-2025-12546 was published Oct 31, 2025

Multiple cross-site scripting (XSS) vulnerabilities in web content template’s select structure... Moderate Unreviewed

CVE-2025-62267 was published Oct 31, 2025

ELOG allows an authenticated user to upload arbitrary HTML files. The HTML content is executed in... High Unreviewed

CVE-2025-62618 was published Oct 31, 2025

Nagios XI versions prior to < 2024R1.1 is vulnerable to a cross-site scripting (XSS) when a user... Moderate Unreviewed

CVE-2024-13992 was published Oct 31, 2025

An XSS issue was discovered in Afterlogic Aurora webmail version 9.8.3 and below. An attacker can... Moderate Unreviewed

CVE-2025-12460 was published Oct 31, 2025

A reflected cross-site scripting (XSS) vulnerability in BEO GmbH BEO Atlas Einfuhr Ausfuhr 3.0... Moderate Unreviewed

CVE-2025-61427 was published Oct 31, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Unknown Unreviewed

CVE-2025-64365 was published Oct 31, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-64362 was published Oct 31, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-64367 was published Oct 31, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-64354 was published Oct 31, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-64361 was published Oct 31, 2025

The Qzzr Shortcode Plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2025-11806 was published Oct 31, 2025

Nagios XI versions prior to 2024R1.1.3 are vulnerable to cross-site scripting (XSS) via the... Moderate Unreviewed

CVE-2024-14001 was published Oct 31, 2025

Nagios XI versions prior to 2024R1.1.3 are vulnerable to cross-site scripting (XSS) via the... Moderate Unreviewed

CVE-2024-14000 was published Oct 31, 2025

Nagios Log Server versions prior to 2024R1 contain a stored cross-site scripting (XSS)... Moderate Unreviewed

CVE-2024-58272 was published Oct 31, 2025

Nagios Network Analyzer versions prior to 2024R1 contain a stored cross-site scripting (XSS)... Moderate Unreviewed

CVE-2025-34278 was published Oct 31, 2025

Nagios XI versions prior to 5.11.3 are vulnerable to cross-site scripting (XSS) via the Bandwidth... Moderate Unreviewed

CVE-2023-7314 was published Oct 31, 2025

Previous1…400 Next

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

34,110 advisories