Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,466
Erlang
33
GitHub Actions
23
Go
2,166
Maven
5,000+
npm
3,829
NuGet
696
pip
3,507
Pub
12
RubyGems
909
Rust
904
Swift
38
Unreviewed advisories
All unreviewed
5,000+

32,694 advisories

Loading
A vulnerability classified as problematic was found in Drivin Soluções up to 20250226. This... Moderate Unreviewed
CVE-2025-2335 was published Mar 16, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-26972 was published Mar 16, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-26548 was published Mar 16, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-23744 was published Mar 16, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-26555 was published Mar 16, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-26554 was published Mar 16, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-26895 was published Mar 16, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-26553 was published Mar 16, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-26556 was published Mar 16, 2025
The WP Test Email plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Email... High Unreviewed
CVE-2025-2325 was published Mar 15, 2025
The Traveler theme for WordPress is vulnerable to Reflected Cross-Site Scripting via multiple... Moderate Unreviewed
CVE-2025-1773 was published Mar 15, 2025
The pixelstats plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ... Moderate Unreviewed
CVE-2025-2164 was published Mar 15, 2025
The Zoorum Comments plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed
CVE-2025-2163 was published Mar 15, 2025
The Portfolio and Projects plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed
CVE-2024-13847 was published Mar 15, 2025
JS Html Sanitizer allows XSS when used with contentEditable Moderate
CVE-2025-29771 was published for @jitbit/htmlsanitizer (npm) Mar 14, 2025
There is a reflected cross-site scripting (XSS) within JSP files used to control application... Moderate Unreviewed
CVE-2024-12020 was published Mar 14, 2025
The Leica Web Viewer within the Aperio Eslide Manager Application is vulnerable to reflected... Moderate Unreviewed
CVE-2025-1888 was published Mar 14, 2025
An improper neutralization of input during web page Generation vulnerability [CWE-79] in FortiOS... High Unreviewed
CVE-2024-26006 was published Mar 14, 2025
The DethemeKit for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed
CVE-2025-1526 was published Mar 14, 2025
The CM FAQ – Simplify support with an intuitive FAQ management tool plugin for WordPress is... Moderate Unreviewed
CVE-2025-2166 was published Mar 14, 2025
MODX allows cross-site scripting (XSS) via an SVG file Low
CVE-2025-28010 was published for modx/revolution (Composer) Mar 13, 2025
The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed
CVE-2025-1503 was published Mar 13, 2025
The AppPresser – Mobile App Framework plugin for WordPress is vulnerable to Stored Cross-Site... High Unreviewed
CVE-2025-1561 was published Mar 13, 2025
The CC-IMG-Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed
CVE-2025-1559 was published Mar 13, 2025
Apache Felix HTTP Webconsole Plugin: XSS in HTTP Webconsole Plugin Moderate
CVE-2025-27867 was published for org.apache.felix:org.apache.felix.http.webconsoleplugin (Maven) Mar 12, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database