GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
32,694 advisories
The SEO Tools WordPress plugin through 4.0.7 does not sanitise and escape a parameter before...
Moderate | Unreviewed | CVE-2024-13853 was published Mar 11, 2025

SAP BusinessObjects Business Intelligence Platform allows an attacker to inject JavaScript code...
Moderate | Unreviewed | CVE-2025-0062 was published Mar 11, 2025

User management functionality in SAP NetWeaver Application Server Java is vulnerable to Stored...
Moderate | Unreviewed | CVE-2025-27431 was published Mar 11, 2025

Due to insufficient input validation, SAP Commerce (Swagger UI) allows an unauthenticated...
High | Unreviewed | CVE-2025-27434 was published Mar 11, 2025

SAP BusinessObjects Business Intelligence Platform (Web Intelligence) contains a deprecated web...
Moderate | Unreviewed | CVE-2025-25245 was published Mar 11, 2025

SAP NetWeaver Application Server ABAP allows malicious scripts to be executed in the application,...
Moderate | Unreviewed | CVE-2025-25242 was published Mar 11, 2025

SAP NetWeaver Application Server ABAP does not sufficiently encode user-controlled inputs,...
Moderate | Unreviewed | CVE-2025-26659 was published Mar 11, 2025

Nintex Automation 5.6 and 5.7 before 5.8 has a stored XSS issue associated with the "Navigate to...
Moderate | Unreviewed | CVE-2025-27924 was published Mar 11, 2025

A stored cross-site scripting (XSS) vulnerability in tianti v2.3 allows attackers to execute...
Moderate | Unreviewed | CVE-2025-25908 was published Mar 11, 2025

Concrete CMS affected by a stored XSS in Folder Function. The "Add Folder" functionality
Moderate | CVE-2025-0660 was published for concrete5/concrete5 (Composer) Mar 10, 2025

LF Edge eKuiper allows Stored XSS in Rules Functionality
Moderate | CVE-2024-52812 was published for github.com/lf-edge/ekuiper (Go) Mar 10, 2025

A reflected cross-site scripting (XSS) vulnerability in the /mw/ endpoint of Evisions MAPS v6.10...
Moderate | Unreviewed | CVE-2024-53307 was published Mar 10, 2025

A Stored Cross Site Scripting (XSS) vulnerability in Celk Sistemas Celk Saude v.3.1.252.1 allows...
Moderate | Unreviewed | CVE-2024-55199 was published Mar 10, 2025

Unifiedtransform 2.0 is vulnerable to Cross Site Scripting (XSS) in the Create assignment function.
Moderate | Unreviewed | CVE-2025-25620 was published Mar 10, 2025

Laravel framework susceptible to reflected cross-site scripting
Moderate | CVE-2024-13918 was published for laravel/framework (Composer) Mar 10, 2025

Laravel framework susceptible to reflected cross-site scripting
Moderate | CVE-2024-13919 was published for laravel/framework (Composer) Mar 10, 2025

The C&Cm@il from HGiga has a Stored Cross-Site Scripting (XSS) vulnerability, allowing remote...
Moderate | Unreviewed | CVE-2025-2150 was published Mar 10, 2025

A vulnerability was found in OpenXE up to 1.12. It has been declared as problematic. This...
Moderate | Unreviewed | CVE-2025-2130 was published Mar 10, 2025

A vulnerability classified as problematic was found in ftcms 2.1. Affected by this vulnerability...
Moderate | Unreviewed | CVE-2025-2133 was published Mar 10, 2025

A vulnerability was found in dayrui XunRuiCMS up to 4.6.3. It has been rated as problematic. This...
Moderate | Unreviewed | CVE-2025-2131 was published Mar 10, 2025

A vulnerability, which was classified as problematic, was found in Control iD RH iD 25.2.25.0....
Moderate | Unreviewed | CVE-2025-2124 was published Mar 9, 2025

A vulnerability was found in JoomlaUX JUX Real Estate 3.4.0 on Joomla. It has been classified as...
Moderate | Unreviewed | CVE-2025-2127 was published Mar 9, 2025

A vulnerability, which was classified as problematic, has been found in GeSHi up to 1.0.9.1....
Moderate | Unreviewed | CVE-2025-2123 was published Mar 9, 2025

The WP-Recall – Registration, Profile, Commerce & More plugin for WordPress is vulnerable to...
Moderate | Unreviewed | CVE-2025-1324 was published Mar 8, 2025

The Gallery Styles plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
Moderate | Unreviewed | CVE-2025-1783 was published Mar 8, 2025
ProTip! Advisories are also available from the GraphQL API.