GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,889
Composer 4,870
Erlang 37
GitHub Actions 36
Go 2,500
Maven 5,942
npm 4,147
NuGet 735
pip 3,948
Pub 12
RubyGems 945
Rust 1,025
Swift 39

Unreviewed advisories

All unreviewed 269,561

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

126,719 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-31731 was published Apr 1, 2025

Missing Authorization vulnerability in gb-plugins GB Gallery Slideshow allows Exploiting... Moderate Unreviewed

CVE-2025-31732 was published Apr 1, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-31733 was published Apr 1, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-31734 was published Apr 1, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-31737 was published Apr 1, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-31738 was published Apr 1, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-31740 was published Apr 1, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-31743 was published Apr 1, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-31735 was published Apr 1, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-31741 was published Apr 1, 2025

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in... Moderate Unreviewed

CVE-2025-30676 was published Apr 1, 2025

JavaScript code running while transforming a document with the XSLTProcessor could lead to a use... Moderate Unreviewed

CVE-2025-3028 was published Apr 1, 2025

An attacker could read 32 bits of values spilled onto the stack in a JIT compiled function. This... Moderate Unreviewed

CVE-2025-3031 was published Apr 1, 2025

Missing Authorization vulnerability in Zoho Flow allows Exploiting Incorrectly Configured Access... Moderate Unreviewed

CVE-2025-31408 was published Apr 1, 2025

By first using the AI chatbot in one tab and later activating it in another tab, the document... Moderate Unreviewed

CVE-2025-3035 was published Apr 1, 2025

When run on commands with certain arguments set, explain may fail to validate these arguments... Moderate Unreviewed

CVE-2025-3084 was published Apr 1, 2025

The Contempo Real Estate Core plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed

CVE-2025-2906 was published Apr 1, 2025

Welcart e-Commerce 2.11.6 and earlier versions contains an untrusted data deserialization... Moderate Unreviewed

CVE-2025-27130 was published Apr 1, 2025

The PowerPack Elementor Addons (Free Widgets, Extensions and Templates) plugin for WordPress is... Moderate Unreviewed

CVE-2025-1512 was published Apr 1, 2025

The Groundhogg plugin for Wordpress is vulnerable to Stored Cross-Site Scripting via the ‘label'... Moderate Unreviewed

CVE-2025-1267 was published Apr 1, 2025

The WDesignKit – Elementor & Gutenberg Starter Templates, Patterns, Cloud Workspace & Widget... Moderate Unreviewed

CVE-2024-12189 was published Apr 1, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-31409 was published Apr 1, 2025

Missing Authorization vulnerability in KingAddons.com King Addons for Elementor. This issue... Moderate Unreviewed

CVE-2025-30926 was published Apr 1, 2025

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in... Moderate Unreviewed

CVE-2025-30802 was published Apr 1, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-30613 was published Apr 1, 2025

Previous 1…379…400 Next

Previous 1 2 … 377 378 379 380 381 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

126,719 advisories