Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,876
Erlang
37
GitHub Actions
37
Go
2,526
Maven
5,000+
npm
4,189
NuGet
742
pip
3,968
Pub
12
RubyGems
947
Rust
1,030
Swift
39
Unreviewed advisories
All unreviewed
5,000+

37,336 advisories

Loading
A vulnerability has been found in code-projects Project Monitoring System 1.0. Affected is an... Moderate Unreviewed
CVE-2025-11124 was published Sep 29, 2025
A vulnerability was found in langleyfcu Online Banking System up to... Moderate Unreviewed
CVE-2025-11125 was published Sep 29, 2025
A security flaw has been discovered in itsourcecode Hostel Management System 1.0. Impacted is an... Moderate Unreviewed
CVE-2025-11119 was published Sep 28, 2025
A security vulnerability has been detected in PHPGurukul Employee Record Management System 1.3.... Moderate Unreviewed
CVE-2025-11112 was published Sep 28, 2025
A vulnerability has been found in Projectworlds Visitor Management System 1.0. Affected is an... Moderate Unreviewed
CVE-2025-11067 was published Sep 27, 2025
A vulnerability was determined in westboy CicadasCMS 1.0. Affected by this issue is some unknown... Moderate Unreviewed
CVE-2025-11069 was published Sep 27, 2025
A vulnerability was found in westboy CicadasCMS 1.0. Affected by this vulnerability is an unknown... Moderate Unreviewed
CVE-2025-11068 was published Sep 27, 2025
The WP Statistics – The Most Popular Privacy-Friendly Analytics Plugin plugin for WordPress is... High Unreviewed
CVE-2025-9816 was published Sep 27, 2025
The Team Members plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the first... Moderate Unreviewed
CVE-2025-8440 was published Sep 27, 2025
IBM Storage TS4500 Library 1.11.0.0 and 2.11.0.0 is vulnerable to cross-site scripting. This... Moderate Unreviewed
CVE-2025-36239 was published Sep 27, 2025
PiranhaCMS stored XSS Moderate
CVE-2025-57692 was published for Piranha (NuGet) Sep 26, 2025
Sourcecodester Employee Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via ... Moderate Unreviewed
CVE-2025-26258 was published Sep 26, 2025
A vulnerability was identified in givanz Vvveb up to 1.0.7.2. Affected by this issue is some... Moderate Unreviewed
CVE-2025-11027 was published Sep 26, 2025
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2025-6396 was published Sep 26, 2025
Todoist v8484 contains a stored cross-site scripting (XSS) vulnerability in the avatar upload... Moderate Unreviewed
CVE-2025-57292 was published Sep 26, 2025
A vulnerability has been found in Total.js CMS up to 19.9.0. This impacts an unknown function of... Moderate Unreviewed
CVE-2025-11019 was published Sep 26, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-60157 was published Sep 26, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-60162 was published Sep 26, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-60163 was published Sep 26, 2025
An issue has been discovered in GitLab CE/EE affecting all versions from 14.10 before 18.2.7, 18... High Unreviewed
CVE-2025-9642 was published Sep 26, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-60158 was published Sep 26, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-60179 was published Sep 26, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-60184 was published Sep 26, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-60160 was published Sep 26, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-60177 was published Sep 26, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database