Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

361 advisories

Loading
MapTiler Tileserver-php v2.0 is vulnerable to Cross Site Scripting (XSS). The GET parameter ... Critical Unreviewed
CVE-2025-44136 was published Jul 29, 2025
A Cross-Site Scripting (XSS) vulnerability has been identified in Psono-Client’s handling of... Critical Unreviewed
CVE-2025-1987 was published Jun 22, 2025
Beego allows Reflected/Stored XSS in Beego's RenderForm() Function Due to Unescaped User Input Critical
CVE-2025-30223 was published for github.com/beego/beego (Go) Mar 31, 2025
thevilledev
Unisite CMS version 5.0 contains a stored Cross-Site Scripting (XSS) vulnerability in the "Report... Critical Unreviewed
CVE-2025-50754 was published Aug 4, 2025
A flaw was found in GNOME Maps, which is vulnerable to a code injection attack via its service... Critical Unreviewed
CVE-2023-43091 was published Nov 17, 2024
Liferay Portal and Liferay DXP Vulnerable to Reflected XSS via the Export for Translation Page Critical
CVE-2023-42497 was published for com.liferay.portal:release.dxp.bom (Maven) Oct 17, 2023
Liferay Portal and Liferay DXP Vulnerable to Stored XSS in the Manage Vocabulary Page Critical
CVE-2023-42629 was published for com.liferay.portal:release.dxp.bom (Maven) Oct 17, 2023
Liferay Portal and Liferay DXP Vulnerable to XSS in the Fragment Components Critical
CVE-2023-44309 was published for com.liferay.portal:release.dxp.bom (Maven) Oct 17, 2023
Prism Central versions prior to 2024.3.1 are vulnerable to a stored cross-site scripting attack... Critical Unreviewed
CVE-2024-12223 was published Aug 20, 2025
An Cross-Site Scripting (XSS) vulnerability in DeepSeek R1 through V3.1 allows a remote attacker... Critical Unreviewed
CVE-2025-26210 was published Sep 3, 2025
Scholl Communications AG Weblication CMS Core v019.004.000.000 was discovered to contain a cross... Critical Unreviewed
CVE-2025-52161 was published Sep 8, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database