Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,472
Erlang
33
GitHub Actions
24
Go
2,195
Maven
5,000+
npm
3,841
NuGet
696
pip
3,632
Pub
12
RubyGems
911
Rust
910
Swift
38
Unreviewed advisories
All unreviewed
5,000+

32,813 advisories

Loading
Improper neutralization of input during web page generation vulnerability in MagnusSolution... High Unreviewed
CVE-2025-2610 was published Mar 22, 2025
Improper neutralization of input during web page generation vulnerability in MagnusSolution... High Unreviewed
CVE-2025-2609 was published Mar 22, 2025
Reflected XSS in go-httpbin due to unrestricted client control over Content-Type Low
GHSA-528q-4pgm-wvg2 was published for github.com/mccutchen/go-httpbin (Go) Mar 21, 2025
AyushXtha
Improper Neutralization of Input During Web Page Generation Cross-site Scripting vulnerability in... High Unreviewed
CVE-2025-25035 was published Mar 21, 2025
An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiOS... Moderate Unreviewed
CVE-2019-16151 was published Mar 21, 2025
Horde IMP through 6.2.27, as used with Horde Application Framework through 5.2.23, allows XSS... High Unreviewed
CVE-2025-30349 was published Mar 21, 2025
A vulnerability was found in code-projects Human Resource Management System 1.0.1. It has been... Moderate Unreviewed
CVE-2025-2590 was published Mar 21, 2025
Reflected Cross-Site Scripting (XSS) in ITIUM 6050 version 5.5.5.2-b3526 from Impact Technologies... Moderate Unreviewed
CVE-2025-2597 was published Mar 21, 2025
A vulnerability was found in SimpleMachines SMF 2.1.4. It has been classified as problematic.... Moderate Unreviewed
CVE-2025-2583 was published Mar 21, 2025
A vulnerability was found in SimpleMachines SMF 2.1.4 and classified as problematic. Affected by... Moderate Unreviewed
CVE-2025-2582 was published Mar 21, 2025
An XSS issue was discovered in OpenSlides before 4.2.5. When submitting descriptions such as... Moderate Unreviewed
CVE-2025-30342 was published Mar 21, 2025
Zohocorp ManageEngine ServiceDesk Plus versions below 14920 , ServiceDesk Plus MSP and... Moderate Unreviewed
CVE-2024-50053 was published Mar 21, 2025
Inflectra SpiraTeam 7.2.00 is vulnerable to Cross Site Scripting (XSS). A specially crafted SVG... Moderate Unreviewed
CVE-2024-48591 was published Mar 20, 2025
A cross-site scripting (XSS) vulnerability in the component /contact.php of Hospital Management... Moderate Unreviewed
CVE-2025-29410 was published Mar 20, 2025
A cross-site scripting (XSS) vulnerability in the Client Profile Update section of Mart... Moderate Unreviewed
CVE-2025-29412 was published Mar 20, 2025
Apache Druid vulnerable to Server-Side Request Forgery, Cross-site Scripting, Open Redirect Moderate
CVE-2025-27888 was published for org.apache.druid:druid (Maven) Mar 20, 2025
The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross... Moderate Unreviewed
CVE-2025-1802 was published Mar 20, 2025
A stored Cross-site Scripting (XSS) vulnerability exists in the latest version of wandb/openui.... Moderate Unreviewed
CVE-2025-0192 was published Mar 20, 2025
A stored cross-site scripting (XSS) vulnerability exists in the Latex Proof-Reading Module of... Moderate Unreviewed
CVE-2025-0183 was published Mar 20, 2025
A stored cross-site scripting (XSS) vulnerability exists in lunary-ai/lunary versions 1.6.7 and... High Unreviewed
CVE-2025-0281 was published Mar 20, 2025
A vulnerability in the file upload functionality of the FlatPress CMS admin panel (version latest... High Unreviewed
CVE-2024-9699 was published Mar 20, 2025
LocalAI version v2.19.4 (af0545834fd565ab56af0b9348550ca9c3cb5349) contains a vulnerability where... Low Unreviewed
CVE-2024-9901 was published Mar 20, 2025
A stored cross-site scripting (XSS) vulnerability exists in the gaizhenbiao/chuanhuchatgpt... Moderate Unreviewed
CVE-2024-9107 was published Mar 20, 2025
AgentScope stored cross-site scripting (XSS) vulnerability Moderate
CVE-2024-8556 was published for agentscope (pip) Mar 20, 2025
A stored cross-site scripting (XSS) vulnerability exists in the latest version of gaizhenbiao... Moderate Unreviewed
CVE-2024-8400 was published Mar 20, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database