Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,632
Erlang
34
GitHub Actions
25
Go
2,228
Maven
5,000+
npm
3,895
NuGet
701
pip
3,661
Pub
12
RubyGems
914
Rust
943
Swift
38
Unreviewed advisories
All unreviewed
5,000+

33,638 advisories

Loading
SolarWinds Serv-U is vulnerable to a client-side cross-site scripting (XSS) vulnerability. The... Low Unreviewed
CVE-2024-45712 was published Apr 15, 2025
The Responsive Addons for Elementor – Free Elementor Addons Plugin and Elementor Templates plugin... Moderate Unreviewed
CVE-2025-2225 was published Apr 15, 2025
Versions of the package jquery-validation before 1.20.0 are vulnerable to Cross-site Scripting ... Moderate Unreviewed
CVE-2025-3573 was published Apr 15, 2025
A vulnerability, which was classified as problematic, was found in Demtec Graphytics 5.0.7. This... Moderate Unreviewed
CVE-2025-3612 was published Apr 15, 2025
A vulnerability has been found in Demtec Graphytics 5.0.7 and classified as problematic. This... Moderate Unreviewed
CVE-2025-3613 was published Apr 15, 2025
A vulnerability was found in ZHENFENG13/code-projects My-Blog-layui 1.0. It has been classified... Moderate Unreviewed
CVE-2025-3592 was published Apr 15, 2025
A vulnerability was found in ZHENFENG13/code-projects My-Blog-layui 1.0 and classified as... Moderate Unreviewed
CVE-2025-3591 was published Apr 15, 2025
IBM Aspera Console 3.4.0 through 3.4.4 is vulnerable to cross-site scripting. This vulnerability... Moderate Unreviewed
CVE-2022-43850 was published Apr 14, 2025
The Community by PeepSo – Download from PeepSo.com plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-11447 was published Apr 14, 2025
@sveltejs/kit vulnerable to Cross-site Scripting via tracked search_params Moderate
CVE-2025-32388 was published for @sveltejs/kit (npm) Apr 14, 2025
kkarikos Rich-Harris
dominikg dummdidumm
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed
CVE-2025-22373 was published Apr 14, 2025
A vulnerability was found in JamesZBL/code-projects db-hospital-drug 1.0. It has been classified... Moderate Unreviewed
CVE-2025-3570 was published Apr 14, 2025
A vulnerability has been found in Webkul Krayin CRM up to 2.1.0 and classified as problematic.... Moderate Unreviewed
CVE-2025-3568 was published Apr 14, 2025
Pega Platform versions 7.2.1 to Infinity 24.2.1 are affected by an XSS issue with Mashup High Unreviewed
CVE-2025-2161 was published Apr 14, 2025
Pega Platform versions 8.4.3 to Infinity 24.2.1 are affected by an XSS issue with Mashup High Unreviewed
CVE-2025-2160 was published Apr 14, 2025
A vulnerability, which was classified as critical, has been found in veal98 小牛肉 Echo 开源社区系统 4.2.... Moderate Unreviewed
CVE-2025-3566 was published Apr 14, 2025
Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable to Stored XSS (Cross-site... Moderate Unreviewed
CVE-2024-49708 was published Apr 14, 2025
Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable to Reflected XSS (Cross... Moderate Unreviewed
CVE-2024-49707 was published Apr 14, 2025
Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable to Reflected XSS (Cross... Moderate Unreviewed
CVE-2024-10090 was published Apr 14, 2025
Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable to Reflected XSS (Cross... Moderate Unreviewed
CVE-2024-10087 was published Apr 14, 2025
Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable to Reflected XSS (Cross... Moderate Unreviewed
CVE-2024-13597 was published Apr 14, 2025
Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable to Stored XSS (Cross-site... Moderate Unreviewed
CVE-2024-10089 was published Apr 14, 2025
Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable to Reflected XSS (Cross... Moderate Unreviewed
CVE-2024-13598 was published Apr 14, 2025
Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable to Reflected XSS (Cross... Moderate Unreviewed
CVE-2024-10088 was published Apr 14, 2025
A vulnerability was found in ghostxbh uzy-ssm-mall 1.0.0 and classified as problematic. This... Moderate Unreviewed
CVE-2025-3560 was published Apr 14, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database