Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,474
Erlang
33
GitHub Actions
24
Go
2,198
Maven
5,000+
npm
3,843
NuGet
696
pip
3,632
Pub
12
RubyGems
911
Rust
912
Swift
38
Unreviewed advisories
All unreviewed
5,000+

2,199 advisories

Loading
A stored Cross-site Scripting (XSS) vulnerability affecting 3DDashboard in 3DSwymer from Release... High Unreviewed
CVE-2025-0595 was published Mar 17, 2025
A stored Cross-site Scripting (XSS) vulnerability affecting Bookmark Editor in ENOVIA... High Unreviewed
CVE-2025-0596 was published Mar 17, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-26972 was published Mar 16, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-23744 was published Mar 16, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-26548 was published Mar 16, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-26555 was published Mar 16, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-26554 was published Mar 16, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-26556 was published Mar 16, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-26553 was published Mar 16, 2025
The WP Test Email plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Email... High Unreviewed
CVE-2025-2325 was published Mar 15, 2025
An improper neutralization of input during web page Generation vulnerability [CWE-79] in FortiOS... High Unreviewed
CVE-2024-26006 was published Mar 14, 2025
The AppPresser – Mobile App Framework plugin for WordPress is vulnerable to Stored Cross-Site... High Unreviewed
CVE-2025-1561 was published Mar 13, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-28895 was published Mar 11, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-28905 was published Mar 11, 2025
An improper neutralization of input during web page generation ('Cross-site Scripting')... High Unreviewed
CVE-2023-37933 was published Mar 11, 2025
Due to insufficient input validation, SAP Commerce (Swagger UI) allows an unauthenticated... High Unreviewed
CVE-2025-27434 was published Mar 11, 2025
A cross-site scripting (XSS) vulnerability in Emlog Pro v2.5.4 allows attackers to execute... High Unreviewed
CVE-2025-25825 was published Mar 6, 2025
A cross-site scripting (XSS) vulnerability in Emlog Pro v2.5.4 allows attackers to execute... High Unreviewed
CVE-2025-25823 was published Mar 6, 2025
A DOM Clobbering vulnerability in umeditor v1.2.3 allows attackers to execute arbitrary code via... High Unreviewed
CVE-2024-53387 was published Mar 3, 2025
A Cross Site Scripting (XSS) vulnerability in GitLab-EE affecting all versions from 16.6 prior to... High Unreviewed
CVE-2025-0555 was published Mar 3, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-27269 was published Mar 3, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-27271 was published Mar 3, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-27279 was published Mar 3, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-27275 was published Mar 3, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-27278 was published Mar 3, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database