Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
46
GitHub Actions
47
Go
3,340
Maven
5,000+
npm
5,000+
NuGet
881
pip
4,549
Pub
12
RubyGems
1,012
Rust
1,202
Swift
51
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,386 advisories

Loading
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Low Unreviewed
CVE-2025-11261 was published Feb 3, 2026
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Low Unreviewed
CVE-2025-61642 was published Feb 3, 2026
A vulnerability, which was classified as problematic, has been found in Bdtask Bhojon Best... Low Unreviewed
CVE-2024-1749 was published Feb 22, 2024
A vulnerability, which was classified as problematic, was found in Bdtask Isshue Multi Store... Low Unreviewed
CVE-2024-2133 was published Mar 3, 2024
A cross-site scripting (XSS) vulnerability has been reported to affect QuFTP Service. If a remote... Low Unreviewed
CVE-2026-22895 was published Mar 20, 2026
A vulnerability was found in SourceCodester Computer Inventory System 1.0. It has been classified... Low Unreviewed
CVE-2024-2066 was published Mar 1, 2024
A vulnerability was found in Bdtask Hospita AutoManager up to 20240223 and classified as... Low Unreviewed
CVE-2024-2135 was published Mar 3, 2024
A vulnerability classified as problematic has been found in PHPGurukul Tourism Management System... Low Unreviewed
CVE-2024-1822 was published Feb 23, 2024
Stored cross-site scripting (XSS) vulnerability due to missing origin validation in postMessage.... Low Unreviewed
CVE-2023-48679 was published Feb 27, 2024
Self cross-site scripting (XSS) vulnerability in storage nodes search field. The following... Low Unreviewed
CVE-2023-48681 was published Feb 27, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Low Unreviewed
CVE-2025-61637 was published Feb 3, 2026
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Low Unreviewed
CVE-2025-61640 was published Feb 3, 2026
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Low Unreviewed
CVE-2025-61636 was published Feb 3, 2026
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Low Unreviewed
CVE-2025-61638 was published Feb 3, 2026
A cross-site scripting (XSS) vulnerability in the Web Reports component of HCL BigFix Platform... Low Unreviewed
CVE-2024-23553 was published Feb 2, 2024
A vulnerability, which was classified as problematic, was found in SourceCodester Petrol Pump... Low Unreviewed
CVE-2024-2063 was published Mar 1, 2024
wpDiscuz before 7.6.47 contains a cross-site scripting vulnerability that allows attackers to... Low Unreviewed
CVE-2026-22210 was published Mar 13, 2026
Some HTTP security headers are not properly set by the web server when sending responses to the... Low Unreviewed
CVE-2026-1696 was published Feb 26, 2026
Versions of the package spin.js before 3.0.0 are vulnerable to Cross-site Scripting (XSS) via the... Low Unreviewed
CVE-2026-3884 was published Mar 11, 2026
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Low Unreviewed
CVE-2025-61645 was published Feb 3, 2026
A Stored HTML Injection vulnerability was discovered in the Alerted Nodes Dashboard functionality... Low Unreviewed
CVE-2025-40894 was published Mar 4, 2026
A Stored HTML Injection vulnerability was discovered in the CMC's Sensor Map functionality due to... Low Unreviewed
CVE-2025-40895 was published Mar 4, 2026
Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program... Low Unreviewed
CVE-2025-6591 was published Feb 3, 2026
SPIP before 4.4.8 allows Cross-Site Scripting (XSS) in the public area for certain edge-case... Low Unreviewed
CVE-2026-26345 was published Feb 19, 2026
A vulnerability was detected in zhanglun lettura up to 0.1.22. This issue affects some unknown... Low Unreviewed
CVE-2025-15454 was published Jan 5, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database