GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,870
Erlang: 36
GitHub Actions: 36
Go: 2,493
Maven: 5,000+
npm: 4,126
NuGet: 735
pip: 3,943
Pub: 12
RubyGems: 945
Rust: 1,021
Swift: 39

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
126,693 advisories

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate | Unreviewed | CVE-2025-31077 was published Mar 28, 2025

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in...
Moderate | Unreviewed | CVE-2025-31075 was published Mar 28, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate | Unreviewed | CVE-2025-31094 was published Mar 28, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate | Unreviewed | CVE-2025-31088 was published Mar 28, 2025

Insertion of Sensitive Information Into Sent Data vulnerability in Shipmondo Shipmondo – A...
Moderate | Unreviewed | CVE-2025-27001 was published Mar 28, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate | Unreviewed | CVE-2025-31083 was published Mar 28, 2025

Cross-Site Request Forgery (CSRF) vulnerability in usermaven Usermaven allows Cross Site Request...
Moderate | Unreviewed | CVE-2025-31079 was published Mar 28, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate | Unreviewed | CVE-2025-31073 was published Mar 28, 2025

Server-Side Request Forgery (SSRF) vulnerability in WP Compress WP Compress for MainWP allows...
Moderate | Unreviewed | CVE-2025-31076 was published Mar 28, 2025

An issue has been discovered in GitLab CE/EE affecting all versions from 16.0 before 17.8.6, 17.9...
Moderate | Unreviewed | CVE-2024-12619 was published Mar 28, 2025

An issue has been discovered in GitLab EE/CE affecting all versions from 12.10 before 17.8.6, 17...
Moderate | Unreviewed | CVE-2024-10307 was published Mar 28, 2025

An Improper Neutralization of Input During Web Page Generation in FortiClientEMS version 6.2.0...
Moderate | Unreviewed | CVE-2019-16149 was published Mar 28, 2025

The tagDiv Composer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all...
Moderate | Unreviewed | CVE-2025-1705 was published Mar 28, 2025

Improper limitation of a pathname to a restricted directory ('Path Traversal') issue exists in...
Moderate | Unreviewed | CVE-2025-27716 was published Mar 28, 2025

The Advanced Google reCAPTCHA plugin for WordPress is vulnerable to generic SQL Injection via the...
Moderate | Unreviewed | CVE-2025-2074 was published Mar 28, 2025

Cross-site scripting vulnerability exists in the NickName registration screen of HGW-BL1500HM Ver...
Moderate | Unreviewed | CVE-2025-27567 was published Mar 28, 2025

The Booking for Appointments and Events Calendar – Amelia plugin for WordPress is...
Moderate | Unreviewed | CVE-2025-2578 was published Mar 28, 2025

The Event Tickets with Ticket Scanner WordPress plugin before 2.5.4 does not have CSRF check in...
Moderate | Unreviewed | CVE-2025-1762 was published Mar 28, 2025

A double free vulnerability has been identified in the ASUS System Analysis service. This...
Moderate | Unreviewed | CVE-2025-2027 was published Mar 28, 2025

The tagDiv Composer plugin for WordPress, used by the Newspaper theme, is vulnerable to Reflected...
Moderate | Unreviewed | CVE-2025-2804 was published Mar 28, 2025

The OpenSAML C++ library before 3.3.1 allows forging of signed SAML messages via parameter...
Moderate | Unreviewed | CVE-2025-31335 was published Mar 28, 2025

The Go1 also known as "The World's First Intelligence Bionic Quadruped Robot Companion of...
Moderate | Unreviewed | CVE-2025-2894 was published Mar 28, 2025

A vulnerability was found in Kentico CMS up to 13.0.178. It has been declared as problematic....
Moderate | Unreviewed | CVE-2025-2878 was published Mar 28, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate | Unreviewed | CVE-2025-31101 was published Mar 28, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate | Unreviewed | CVE-2025-31092 was published Mar 28, 2025

ProTip! Advisories are also available from the GraphQL API.