GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
101
GitHub Actions
54
Go
4,316
Maven
5,000+
npm
5,000+
NuGet
1,030
pip
5,000+
Pub
13
RubyGems
1,116
Rust
1,493
Swift
61
Unreviewed advisories
All unreviewed
5,000+
415 advisories
Filter by severity
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE)...
Moderate
Unreviewed
CVE-2025-20267
was published
May 21, 2025
IBM Content Navigator 3.0.11, 3.0.15, and 3.1.0 is vulnerable to HTML injection. A remote...
Moderate
Unreviewed
CVE-2024-51475
was published
May 16, 2025
The EG-Series plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ...
Moderate
Unreviewed
CVE-2025-4126
was published
May 15, 2025
The Subpage List plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin...
Moderate
Unreviewed
CVE-2025-4168
was published
May 3, 2025
The Team Members – Best WordPress Team Plugin with Team Slider, Team Showcase & Team Builder...
Moderate
Unreviewed
CVE-2025-3521
was published
May 1, 2025
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in...
Moderate
Unreviewed
CVE-2025-39524
was published
Apr 16, 2025
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in...
Moderate
Unreviewed
CVE-2025-32230
was published
Apr 10, 2025
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in...
Moderate
Unreviewed
CVE-2025-32200
was published
Apr 4, 2025
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in...
High
Unreviewed
CVE-2025-31384
was published
Apr 4, 2025
HCL DevOps Deploy / HCL Launch is vulnerable to HTML injection. This vulnerability may allow a...
Moderate
Unreviewed
CVE-2025-0272
was published
Apr 3, 2025
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in...
Moderate
Unreviewed
CVE-2025-30676
was published
Apr 1, 2025
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in...
Moderate
Unreviewed
CVE-2025-31575
was published
Mar 31, 2025
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in...
Moderate
Unreviewed
CVE-2025-31604
was published
Mar 31, 2025
Duplicate Advisory: Leantime affected by Improper Neutralization of HTML Tags
Moderate
GHSA-jf6p-4hgv-v6qh
was published
for
leantime/leantime
(Composer)
Mar 28, 2025
•
withdrawn
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in...
High
Unreviewed
CVE-2025-22501
was published
Mar 28, 2025
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in...
Moderate
Unreviewed
CVE-2025-31465
was published
Mar 28, 2025
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in...
Moderate
Unreviewed
CVE-2025-31075
was published
Mar 28, 2025
IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.25, 7.1 through 7.1.2.21, 7.2 through 7.2.3.14, and...
Moderate
Unreviewed
CVE-2025-1997
was published
Mar 27, 2025
Code-projects Online Class and Exam Scheduling System V1.0 is vulnerable to Cross Site Scripting ...
Moderate
Unreviewed
CVE-2025-29426
was published
Mar 17, 2025
Code-projects Online Class and Exam Scheduling System V1.0 is vulnerable to Cross Site Scripting ...
Moderate
Unreviewed
CVE-2025-29427
was published
Mar 17, 2025
Code-projects Online Class and Exam Scheduling System V1.0 is vulnerable to Cross Site Scripting ...
Moderate
Unreviewed
CVE-2025-29430
was published
Mar 17, 2025
Code-projects Online Class and Exam Scheduling System V1.0 is vulnerable to Cross Site Scripting ...
Low
Unreviewed
CVE-2025-29431
was published
Mar 17, 2025
The WordPress form builder plugin for contact forms, surveys and quizzes – Tripetto plugin for...
High
Unreviewed
CVE-2024-13497
was published
Mar 15, 2025
An authenticated stored cross-site scripting (XSS) vulnerability in The Plugin People Enterprise...
Moderate
Unreviewed
CVE-2025-25363
was published
Mar 13, 2025
A HTML Injection vulnerability was found in loginsystem/edit-profile.php of the PHPGurukul User...
Moderate
Unreviewed
CVE-2025-28015
was published
Mar 13, 2025
ProTip!
Advisories are also available from the
GraphQL API