GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,861
Composer 4,778
Erlang 35
GitHub Actions 29
Go 2,332
Maven 5,636
npm 3,966
NuGet 713
pip 3,759
Pub 12
RubyGems 921
Rust 975
Swift 38

Unreviewed advisories

All unreviewed 259,145

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

2,714 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed

CVE-2025-47678 was published May 23, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed

CVE-2025-47680 was published May 23, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed

CVE-2025-47618 was published May 23, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed

CVE-2025-47673 was published May 23, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed

CVE-2025-48245 was published May 23, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed

CVE-2025-48286 was published May 23, 2025

The Calculated Fields Form plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... High Unreviewed

CVE-2024-2020 was published Mar 13, 2024

The Legull WordPress plugin through 1.2.2 does not sanitise and escape a parameter before... High Unreviewed

CVE-2024-13352 was published Feb 7, 2025

Best Practical RT (Request Tracker) 4.4 through 4.4.7 and 5.0 through 5.0.7 allows XSS via... High Unreviewed

CVE-2025-30087 was published May 28, 2025

Best Practical RT (Request Tracker) 5.0 through 5.0.7 allows XSS via JavaScript injection in an... High Unreviewed

CVE-2025-31500 was published May 28, 2025

Best Practical RT (Request Tracker) 5.0 through 5.0.7 allows XSS via JavaScript injection in an... High Unreviewed

CVE-2025-31501 was published May 28, 2025

Grafana Cross-Site-Scripting (XSS) via custom loaded frontend plugin High

CVE-2025-4123 was published for github.com/grafana/grafana (Go) May 22, 2025

The Poll Maker – Best WordPress Poll Plugin plugin for WordPress is vulnerable to Stored Cross... High Unreviewed

CVE-2024-3600 was published Apr 19, 2024

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed

CVE-2024-2864 was published Mar 25, 2024

An issue has been discovered in GitLab EE that allows for cross-site-scripting attack and content... High Unreviewed

CVE-2025-1763 was published May 30, 2025

A stored Cross-site Scripting (XSS) vulnerability affecting Compare in Collaborative Industry... High Unreviewed

CVE-2025-0602 was published May 30, 2025

A stored Cross-site Scripting (XSS) vulnerability affecting Service Items Management in Service... High Unreviewed

CVE-2025-4992 was published May 30, 2025

A stored Cross-site Scripting (XSS) vulnerability affecting Results Analytics in... High Unreviewed

CVE-2025-4988 was published May 30, 2025

A stored Cross-site Scripting (XSS) vulnerability affecting City Referential in City Referential... High Unreviewed

CVE-2025-4983 was published May 30, 2025

A stored Cross-site Scripting (XSS) vulnerability affecting Risk Management in Project Portfolio... High Unreviewed

CVE-2025-4985 was published May 30, 2025

A stored Cross-site Scripting (XSS) vulnerability affecting City Discover in City Referential... High Unreviewed

CVE-2025-4984 was published May 30, 2025

A stored Cross-site Scripting (XSS) vulnerability affecting Requirements in Product Manager from... High Unreviewed

CVE-2025-4989 was published May 30, 2025

A stored Cross-site Scripting (XSS) vulnerability affecting Change Governance in Product Manager... High Unreviewed

CVE-2025-4990 was published May 30, 2025

A stored Cross-site Scripting (XSS) vulnerability affecting 3D Markup in Collaborative Industry... High Unreviewed

CVE-2025-4991 was published May 30, 2025

A stored Cross-site Scripting (XSS) vulnerability affecting Model Definition in Product Manager... High Unreviewed

CVE-2025-4986 was published May 30, 2025

Previous 1 2 … 105 106 107 108 109 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

2,714 advisories