GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,603
Composer 5,006
Erlang 39
GitHub Actions 38
Go 2,636
Maven 6,104
npm 4,262
NuGet 760
pip 4,057
Pub 12
RubyGems 956
Rust 1,054
Swift 45

Unreviewed advisories

All unreviewed 276,946

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

34,278 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

A reflected Cross-Site Scripting (XSS) vulnerability has been identified in Revive Adserver... Moderate Unreviewed

CVE-2025-27208 was published Oct 31, 2025

Reflected cross-site scripting vulnerability in Apache OFBiz. This issue affects Apache OFBiz:... Moderate Unreviewed

CVE-2025-61623 was published Nov 12, 2025

Bus Pass Management System v1.0 was discovered to contain a reflected cross-site scripting (XSS)... Moderate Unreviewed

CVE-2022-35155 was published Oct 1, 2022

The Easy Email Subscription plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... High Unreviewed

CVE-2025-11994 was published Nov 12, 2025

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed

CVE-2025-11962 was published Nov 12, 2025

Net-NTLM leak in Fireflow A32.20 and A32.50 allows an attacker to obtain victim’s domain... Moderate Unreviewed

CVE-2023-46595 was published Nov 2, 2023

The MembershipWorks – Membership, Events & Directory plugin for WordPress is vulnerable to Stored... Moderate Unreviewed

CVE-2025-12018 was published Nov 12, 2025

The a+HRD and a+HCM developed by aEnrich has a Stored Cross-Site Scripting vulnerability,... Moderate Unreviewed

CVE-2025-12872 was published Nov 12, 2025

The a+HRD developed by aEnrich has a Stored Cross-Site Scripting vulnerability, allowing remote... Moderate Unreviewed

CVE-2025-12869 was published Nov 12, 2025

Improper neutralization of input during web page generation ('cross-site scripting') in Dynamics... High Unreviewed

CVE-2025-62211 was published Nov 11, 2025

Improper neutralization of input during web page generation ('cross-site scripting') in Dynamics... High Unreviewed

CVE-2025-62210 was published Nov 11, 2025

Projectworlds Visitor Management System in PHP 1.0 allows XSS. The file myform.php does not... Moderate Unreviewed

CVE-2020-25761 was published May 24, 2022

CASAP Automated Enrollment System version 1.0 contains a cross-site scripting (XSS) vulnerability... Moderate Unreviewed

CVE-2021-27129 was published May 24, 2022

phpjabbers Business Directory Script 3.2 is vulnerable to Cross Site Scripting (XSS) via the... Moderate Unreviewed

CVE-2023-41537 was published Aug 30, 2023

Cross Site Scripting vulnerability in Hostel Management System v2.1 allows an attacker to execute... Moderate Unreviewed

CVE-2023-36375 was published Jul 10, 2023

Zohocorp ManageEngine OpManager versions 128609 and below are vulnerable to Stored XSS... Moderate Unreviewed

CVE-2025-9227 was published Nov 11, 2025

Cross-Site Scripting (XSS) in NetScaler ADC and NetScaler Gateway when the appliance is... Moderate Unreviewed

CVE-2025-12101 was published Nov 11, 2025

HTML injection vulnerability found in Fairsketch's RISE CRM Framework v3.8.1, which consist of an... Moderate Unreviewed

CVE-2025-41103 was published Nov 11, 2025

HTML injection vulnerability found in Fairsketch's RISE CRM Framework v3.8.1, which consist of an... Moderate Unreviewed

CVE-2025-41105 was published Nov 11, 2025

HTML injection vulnerability found in Fairsketch's RISE CRM Framework v3.8.1, which consist of an... Moderate Unreviewed

CVE-2025-41106 was published Nov 11, 2025

HTML injection vulnerability found in Fairsketch's RISE CRM Framework v3.8.1, which consist of an... Moderate Unreviewed

CVE-2025-41104 was published Nov 11, 2025

HTML injection vulnerability found in Fairsketch's RISE CRM Framework v3.8.1, which consist of an... Moderate Unreviewed

CVE-2025-41102 was published Nov 11, 2025

HTML injection vulnerability found in Fairsketch's RISE CRM Framework v3.8.1, which consist of an... Moderate Unreviewed

CVE-2025-41101 was published Nov 11, 2025

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed

CVE-2025-11960 was published Nov 11, 2025

Zohocorp ManageEngine Exchange Reporter Plus versions 5723 and below are vulnerable to the Stored... High Unreviewed

CVE-2025-7430 was published Nov 11, 2025

Previous1…400 Next

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

34,278 advisories