GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,381
Composer 4,822
Erlang 36
GitHub Actions 32
Go 2,413
Maven 5,809
npm 4,052
NuGet 723
pip 3,844
Pub 12
RubyGems 933
Rust 1,005
Swift 38

Unreviewed advisories

All unreviewed 264,682

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

134,825 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-39573 was published Apr 16, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-39555 was published Apr 16, 2025

Cross-Site Request Forgery (CSRF) vulnerability in WP Trio Conditional Payments for WooCommerce... Moderate Unreviewed

CVE-2025-39563 was published Apr 16, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-39582 was published Apr 16, 2025

Missing Authorization vulnerability in Dylan James Zephyr Project Manager allows Exploiting... Moderate Unreviewed

CVE-2025-39552 was published Apr 16, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-39579 was published Apr 16, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-39578 was published Apr 16, 2025

Deserialization of Untrusted Data vulnerability in Melapress MelaPress Login Security allows... Moderate Unreviewed

CVE-2025-39565 was published Apr 16, 2025

Cross-Site Request Forgery (CSRF) vulnerability in WP Map Plugins Basic Interactive World Map... Moderate Unreviewed

CVE-2025-39517 was published Apr 16, 2025

Missing Authorization vulnerability in Sebastian Lee Dynamic Post allows Exploiting Incorrectly... Moderate Unreviewed

CVE-2025-39522 was published Apr 16, 2025

Cross-Site Request Forgery (CSRF) vulnerability in quomodosoft ElementsReady Addons for Elementor... Moderate Unreviewed

CVE-2025-39546 was published Apr 16, 2025

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in... Moderate Unreviewed

CVE-2025-39556 was published Apr 16, 2025

Missing Authorization vulnerability in Shahjada Live Forms allows Exploiting Incorrectly... Moderate Unreviewed

CVE-2025-39560 was published Apr 16, 2025

Missing Authorization vulnerability in WP Shuffle WP Subscription Forms allows Exploiting... Moderate Unreviewed

CVE-2025-39591 was published Apr 16, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-39528 was published Apr 16, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-39514 was published Apr 16, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Yuya Hoshino Bulk Term Editor allows Cross... Moderate Unreviewed

CVE-2025-39512 was published Apr 16, 2025

A cross-site scripting (XSS) vulnerability in Ready_'s File Explorer upload functionality allows... Moderate Unreviewed

CVE-2025-1983 was published Apr 16, 2025

A vulnerability, which was classified as critical, was found in TOTOLINK A3700R 9.1.2u... Moderate Unreviewed

CVE-2025-3664 was published Apr 16, 2025

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web... Moderate Unreviewed

CVE-2025-30740 was published Apr 15, 2025

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Components Services... Moderate Unreviewed

CVE-2025-30715 was published Apr 15, 2025

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Supported... Moderate Unreviewed

CVE-2025-30705 was published Apr 15, 2025

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Components Services... Moderate Unreviewed

CVE-2025-30704 was published Apr 15, 2025

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser). Supported... Moderate Unreviewed

CVE-2025-21575 was published Apr 15, 2025

Vulnerability in the Oracle Commerce Platform product of Oracle Commerce (component: Dynamo... Moderate Unreviewed

CVE-2025-21576 was published Apr 15, 2025

Previous 1 2 … 396 397 398 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

134,825 advisories