Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,826
Erlang
36
GitHub Actions
32
Go
2,426
Maven
5,000+
npm
4,058
NuGet
723
pip
3,848
Pub
12
RubyGems
934
Rust
1,006
Swift
38
Unreviewed advisories
All unreviewed
5,000+

36,293 advisories

Loading
A vulnerability classified as problematic has been found in Scada-LTS up to 2.7.8.1. This affects... Moderate Unreviewed
CVE-2025-8743 was published Aug 9, 2025
A vulnerability was found in zhenfeng13 My-Blog up to 1.0.0. It has been classified as... Moderate Unreviewed
CVE-2025-8740 was published Aug 8, 2025
IBM Cloud Pak for Data 4.0.0 through 4.8.5 and 5.0.0 is vulnerable to cross-site scripting. This... Moderate Unreviewed
CVE-2025-0719 was published Aug 8, 2025
A reflected cross-site scripting (XSS) vulnerability in the List All FTP User Function in EHCP... Moderate Unreviewed
CVE-2025-50927 was published Aug 8, 2025
Liferay Portal Reflected XSS in blogs-web Moderate
CVE-2025-4576 was published for com.liferay:com.liferay.blogs.web (Maven) Aug 8, 2025
The /users endpoint in Statamic Core before 2.11.8 allows XSS to add an administrator user. This... High Unreviewed
CVE-2020-9322 was published Aug 8, 2025
A cross-site scripting (XSS) vulnerability in the PdfViewer component of Agenzia Impresa Eccobook... High Unreviewed
CVE-2025-51629 was published Aug 7, 2025
Student Attendance Management System v1 was discovered to contain a cross-site scripting (XSS)... Moderate Unreviewed
CVE-2023-41519 was published Aug 7, 2025
Hospital Management System v4 was discovered to contain multiple cross-site scripting (XSS)... Moderate Unreviewed
CVE-2023-41529 was published Aug 7, 2025
Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows XSS for... Moderate Unreviewed
CVE-2025-54395 was published Aug 7, 2025
Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows XSS for... Moderate Unreviewed
CVE-2025-54392 was published Aug 7, 2025
In Agora Foundation Agora fall23-Alpha1 before b087490, there is XSS via tag in client/agora... Moderate Unreviewed
CVE-2025-55134 was published Aug 7, 2025
In Agora Foundation Agora fall23-Alpha1 before b087490, there is XSS via topicName in client... Moderate Unreviewed
CVE-2025-55133 was published Aug 7, 2025
EyouCMS 1.6.7 is vulnerable to Cross Site Scripting (XSS) in /login.php?m=admin&c=System&a=web... Moderate Unreviewed
CVE-2024-52680 was published Aug 7, 2025
Inappropriate implementation in Filesystems in Google Chrome prior to 139.0.7258.66 allowed a... Moderate Unreviewed
CVE-2025-8580 was published Aug 7, 2025
Inappropriate implementation in Extensions in Google Chrome prior to 139.0.7258.66 allowed a... Moderate Unreviewed
CVE-2025-8581 was published Aug 7, 2025
Inappropriate implementation in Picture In Picture in Google Chrome prior to 139.0.7258.66... Moderate Unreviewed
CVE-2025-8577 was published Aug 7, 2025
Inappropriate implementation in Picture In Picture in Google Chrome prior to 139.0.7258.66... Moderate Unreviewed
CVE-2025-8579 was published Aug 7, 2025
A Cross-site scripting (XSS) vulnerability in /api_vedo/ in Vedo Suite version 2024.17 allows... Moderate Unreviewed
CVE-2025-51053 was published Aug 6, 2025
AutoConnect 1.4.2, an Arduino library, is vulnerable to a cross site scripting (xss)... Moderate Unreviewed
CVE-2025-50740 was published Aug 6, 2025
Cross-site scripting (XSS) vulnerability in Zone Bitaqati thru 3.4.0. High Unreviewed
CVE-2025-51624 was published Aug 6, 2025
A reflected cross-site scripting (XSS) vulnerability in Sage DPW v2024.12.003 allows attackers to... Moderate Unreviewed
CVE-2025-51531 was published Aug 6, 2025
The Gutenverse plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's... Moderate Unreviewed
CVE-2025-7727 was published Aug 6, 2025
The Betheme theme for WordPress is vulnerable to Stored Cross-Site Scripting via an Elementor... Moderate Unreviewed
CVE-2025-7399 was published Aug 6, 2025
The Exclusive Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2025-7498 was published Aug 6, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database