Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,326 advisories

Loading
An HTML injection vulnerability previously discovered in Trend Vision One could have allowed a... Low Unreviewed
CVE-2025-31286 was published Apr 2, 2025
A cross-site scripting (XSS) vulnerability has been reported to affect Photo Station. If a remote... Low Unreviewed
CVE-2024-12923 was published Aug 29, 2025
A vulnerability was found in Protected Total WebShield Extension up to 3.2.0 on Chrome. It has... Low Unreviewed
CVE-2025-8751 was published Aug 9, 2025
The fragment preview functionality in Liferay Portal 7.4.3.61 through 7.4.3.132, and Liferay DXP... Low Unreviewed
CVE-2025-4599 was published Aug 5, 2025
Cross-site scripting vulnerability has been identified in HPE Telco Service Activator product Low Unreviewed
CVE-2025-37109 was published Jul 31, 2025
Cross-site scripting vulnerability has been identified in HPE Telco Service Activator product Low Unreviewed
CVE-2025-37108 was published Jul 31, 2025
A vulnerability, which was classified as problematic, was found in Comodo Dragon up to 134.0.6998... Low Unreviewed
CVE-2025-8206 was published Jul 26, 2025
A vulnerability in the web-based management interface of Cisco Digital Network Architecture (DNA)... Low Unreviewed
CVE-2019-15253 was published May 24, 2022
A potential security vulnerability has been identified in the Poly Clariti Manager for versions... Low Unreviewed
CVE-2025-43488 was published Jul 23, 2025
The improper default setting in JiranSoft CrossEditor4 on Windows, Linux, Unix (API modules)... Low Unreviewed
CVE-2025-7672 was published Jul 15, 2025
A vulnerability, which was classified as problematic, was found in ZKTeco ZKBio CVSecurity V5000... Low Unreviewed
CVE-2024-6344 was published Jun 26, 2024
In affected versions of Octopus Server error messages were handled unsafely on the error page. If... Low Unreviewed
CVE-2025-0513 was published Feb 11, 2025
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Low Unreviewed
CVE-2025-53492 was published Jul 2, 2025
IBM UrbanCode Deploy (UCD) 7.2 through 7.2.3.13, 7.3 through 7.3.2.8, and IBM DevOps Deploy 8.0... Low Unreviewed
CVE-2024-51472 was published Jan 6, 2025
Unprotected SAPUI5 applications allow an attacker with basic privileges to inject malicious HTML... Low Unreviewed
CVE-2025-42990 was published Jun 10, 2025
The Real WP Shop Lite Ajax eCommerce Shopping Cart WordPress plugin through 2.0.8 does not... Low Unreviewed
CVE-2024-11140 was published May 15, 2025
A cross-site scripting (XSS) vulnerability has been reported to affect License Center. If... Low Unreviewed
CVE-2024-50406 was published Jun 6, 2025
A cross-site scripting (XSS) vulnerability in the Web Reports component of HCL BigFix Platform... Low Unreviewed
CVE-2024-23553 was published Feb 2, 2024
The SureForms WordPress plugin before 1.4.4 does not sanitise and escape some of its Form... Low Unreviewed
CVE-2025-3513 was published May 2, 2025
The SureForms WordPress plugin before 1.4.4 does not sanitise and escape some of its Form... Low Unreviewed
CVE-2025-3514 was published May 2, 2025
The Simple Video Management System WordPress plugin through 1.0.4 does not sanitise and escape... Low Unreviewed
CVE-2025-0692 was published Feb 13, 2025
The Everest Forms WordPress plugin before 3.0.8.1 does not sanitise and escape some of its... Low Unreviewed
CVE-2024-13125 was published Feb 13, 2025
The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile &... Low Unreviewed
CVE-2024-13121 was published Feb 13, 2025
The Flattr WordPress plugin through 1.2.2 does not sanitise and escape some of its settings,... Low Unreviewed
CVE-2024-3920 was published May 23, 2024
Input provided in a field containing "activationMessage" in Konsola Proget is not sanitized... Low Unreviewed
CVE-2025-1420 was published May 21, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database