Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,360
Erlang
33
GitHub Actions
22
Go
2,127
Maven
5,000+
npm
3,793
NuGet
683
pip
3,471
Pub
12
RubyGems
894
Rust
894
Swift
38
Unreviewed advisories
All unreviewed
5,000+

31,966 advisories

Loading
A vulnerability, which was classified as problematic, was found in Internet Web Solutions Sublime... Moderate Unreviewed
CVE-2025-1360 was published Feb 16, 2025
A vulnerability, which was classified as problematic, has been found in SIAM Industria de... Moderate Unreviewed
CVE-2025-1359 was published Feb 16, 2025
A vulnerability was found in Asus RT-N12E 2.0.0.19. It has been classified as problematic.... Moderate Unreviewed
CVE-2025-1354 was published Feb 16, 2025
A vulnerability was found in Eastnets PaymentSafe 2.5.26.0. It has been classified as problematic... Moderate Unreviewed
CVE-2025-1337 was published Feb 16, 2025
A vulnerability has been found in FastCMS up to 0.1.5 and classified as problematic. This... Moderate Unreviewed
CVE-2025-1332 was published Feb 16, 2025
The ElementsKit Elementor addons plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2025-1005 was published Feb 15, 2025
The Front End Users plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed
CVE-2024-13563 was published Feb 15, 2025
Label Studio allows Cross-Site Scripting (XSS) via GET request to `/projects/upload-example` endpoint Moderate
CVE-2025-25296 was published for label-studio (pip) Feb 14, 2025
xbow-security
Vega allows Cross-site Scripting via the vlSelectionTuples function Moderate
CVE-2025-25304 was published for vega (npm) Feb 14, 2025
FallingPineapples domoritz
A Stored Cross-Site Scripting (XSS) vulnerability was discovered in the manage-employee.php page... Moderate Unreviewed
CVE-2025-26158 was published Feb 14, 2025
Cross Site Scripting vulnerability in hooskcms v.1.7.1 allows a remote attacker to obtain... Moderate Unreviewed
CVE-2025-25990 was published Feb 14, 2025
Cross Site Scripting vulnerability in hooskcms v.1.8 allows a remote attacker to cause a denial... Moderate Unreviewed
CVE-2025-25988 was published Feb 14, 2025
Cross Site Scripting vulnerability found in KOHGYLW Kiftd v.1.0.18 allows a remote attacker to... Moderate Unreviewed
CVE-2020-19699 was published Apr 4, 2023
LearnDash v6.7.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in... Moderate Unreviewed
CVE-2024-56938 was published Feb 13, 2025
LearnDash v6.7.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in... Moderate Unreviewed
CVE-2024-56939 was published Feb 13, 2025
Monica 4.1.2 is vulnerable to Cross Site Scripting (XSS). A malicious user can create a malformed... Moderate Unreviewed
CVE-2024-54951 was published Feb 14, 2025
Cross Site Scripting vulnerability in Daylight Studio Fuel CMS v.1.5.2 allows an attacker to... Moderate Unreviewed
CVE-2024-57605 was published Feb 13, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-27965 was published Mar 21, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2024-27963 was published Mar 21, 2024
The Page Builder: Pagelayer – Drag and Drop website builder plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-2127 was published Mar 7, 2024
Inadequate input validation for media selection fields lead to XSS vulnerabilities in various... Moderate Unreviewed
CVE-2024-21724 was published Feb 29, 2024
An arbitrary file upload vulnerability in the Add Media function of SKINsoft S-Museum v7.02.3... Moderate Unreviewed
CVE-2024-25801 was published Feb 22, 2024
A cross-site scripting (XSS) vulnerability in the Addon JD Flusity 'Social block links' module of... Moderate Unreviewed
CVE-2024-26489 was published Feb 22, 2024
The Page Builder: Pagelayer WordPress plugin before 1.8.1 does not sanitise and escape some of... Moderate Unreviewed
CVE-2023-7115 was published Feb 27, 2024
An issue was discovered in Stormshield Network Security (SNS) 3.7.0 through 3.7.38 before 3.7.39,... Moderate Unreviewed
CVE-2023-41165 was published Feb 29, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database