GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 30,628
Composer 5,817
Erlang 61
GitHub Actions 50
Go 3,821
Maven 6,571
npm 6,204
NuGet 939
pip 5,090
Pub 13
RubyGems 1,059
Rust 1,357
Swift 54

Unreviewed advisories

All unreviewed 302,659

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

158,245 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Multiple reflected cross-site scripting (xss) vulnerabilities exist in the config.php... Moderate Unreviewed

CVE-2025-58087 was published Jan 20, 2026

Multiple reflected cross-site scripting (xss) vulnerabilities exist in the config.php... Moderate Unreviewed

CVE-2025-58089 was published Jan 20, 2026

Multiple reflected cross-site scripting (xss) vulnerabilities exist in the config.php... Moderate Unreviewed

CVE-2025-58088 was published Jan 20, 2026

Multiple reflected cross-site scripting (xss) vulnerabilities exist in the config.php... Moderate Unreviewed

CVE-2025-58093 was published Jan 20, 2026

Multiple reflected cross-site scripting (xss) vulnerabilities exist in the config.php... Moderate Unreviewed

CVE-2025-58094 was published Jan 20, 2026

Multiple reflected cross-site scripting (xss) vulnerabilities exist in the config.php... Moderate Unreviewed

CVE-2025-58090 was published Jan 20, 2026

A reflected cross-site scripting (xss) vulnerability exists in the modifyRoute functionality of... Moderate Unreviewed

CVE-2025-57787 was published Jan 20, 2026

Multiple reflected cross-site scripting (xss) vulnerabilities exist in the config.php... Moderate Unreviewed

CVE-2025-58091 was published Jan 20, 2026

The NotificationX plugin for WordPress is vulnerable to unauthorized modification of data due to... Moderate Unreviewed

CVE-2026-0554 was published Jan 20, 2026

IBM Concert 1.0.0 through 2.1.0 could allow a remote attacker to obtain sensitive information... Moderate Unreviewed

CVE-2025-1722 was published Jan 20, 2026

IBM Concert 1.0.0 through 2.1.0 could allow a remote attacker to obtain sensitive information... Moderate Unreviewed

CVE-2025-1719 was published Jan 20, 2026

A reflected cross-site scripting (xss) vulnerability exists in the modifyAutopurgeFilter... Moderate Unreviewed

CVE-2025-54814 was published Jan 20, 2026

A reflected cross-site scripting (xss) vulnerability exists in the fetchPriorStudies... Moderate Unreviewed

CVE-2025-46270 was published Jan 20, 2026

A reflected cross-site scripting (xss) vulnerability exists in the ldapUser functionality of... Moderate Unreviewed

CVE-2025-36556 was published Jan 20, 2026

A reflected cross-site scripting (xss) vulnerability exists in the modifyUser functionality of... Moderate Unreviewed

CVE-2025-54853 was published Jan 20, 2026

A reflected cross-site scripting (xss) vulnerability exists in the autoPurge functionality of... Moderate Unreviewed

CVE-2025-54817 was published Jan 20, 2026

A reflected cross-site scripting (xss) vulnerability exists in the emailfailedjob functionality... Moderate Unreviewed

CVE-2025-54495 was published Jan 20, 2026

A reflected cross-site scripting (xss) vulnerability exists in the modifyHL7Route functionality... Moderate Unreviewed

CVE-2025-53854 was published Jan 20, 2026

A reflected cross-site scripting (xss) vulnerability exists in the encapsulatedDoc functionality... Moderate Unreviewed

CVE-2025-54157 was published Jan 20, 2026

A reflected cross-site scripting (xss) vulnerability exists in the existingUser functionality of... Moderate Unreviewed

CVE-2025-54778 was published Jan 20, 2026

The The Events Calendar plugin for WordPress is vulnerable to unauthorized access due to a... Moderate Unreviewed

CVE-2025-15043 was published Jan 20, 2026

A reflected cross-site scripting (xss) vulnerability exists in the modifyAeTitle functionality of... Moderate Unreviewed

CVE-2025-54852 was published Jan 20, 2026

IBM Aspera Console 3.4.7 stores potentially sensitive information in log files that could be read... Moderate Unreviewed

CVE-2025-13925 was published Jan 20, 2026

A reflected cross-site scripting (xss) vulnerability exists in the sendOruReport functionality of... Moderate Unreviewed

CVE-2025-44000 was published Jan 20, 2026

A reflected cross-site scripting (xss) vulnerability exists in the modifyTranscript functionality... Moderate Unreviewed

CVE-2025-53707 was published Jan 20, 2026

Previous 1…396…400 Next

Previous 1 2 … 394 395 396 397 398 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

158,245 advisories