Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,963
Erlang
39
GitHub Actions
38
Go
2,614
Maven
5,000+
npm
4,254
NuGet
760
pip
4,031
Pub
12
RubyGems
953
Rust
1,049
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

29,940 advisories

Loading
Dell Secure Connect Gateway (SCG) Policy Manager, version(s) 5.20. 5.22, 5.24, 5.26, 5.28,... Moderate Unreviewed
CVE-2025-36592 was published Oct 30, 2025
Zohocorp ManageEngine Exchange Reporter Plus versions through 5721 are vulnerable to Stored Cross... Moderate Unreviewed
CVE-2025-5343 was published Oct 30, 2025
Zohocorp ManageEngine Exchange Reporter Plus versions before 5723 are vulnerable to Stored Cross... Moderate Unreviewed
CVE-2025-5347 was published Oct 30, 2025
URVE Smart Office is vulnerable to Stored XSS in report problem functionality. An attacker with a... Moderate Unreviewed
CVE-2025-10348 was published Oct 30, 2025
The Blocksy Companion plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed
CVE-2025-12475 was published Oct 30, 2025
The LiteSpeed Cache plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via URLs... Moderate Unreviewed
CVE-2025-12450 was published Oct 29, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-64291 was published Oct 29, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-64289 was published Oct 29, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-64204 was published Oct 29, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-64194 was published Oct 29, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-64208 was published Oct 29, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-64200 was published Oct 29, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-64220 was published Oct 29, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-64197 was published Oct 29, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-64202 was published Oct 29, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-49042 was published Oct 29, 2025
A reflected Cross-Site Scripting (XSS) vulnerability has been identified in Clear2Pay Bank... Moderate Unreviewed
CVE-2025-61080 was published Oct 28, 2025
IPFire versions prior to 2.29 (Core Update 198) contain a stored cross-site scripting (XSS)... Moderate Unreviewed
CVE-2025-34318 was published Oct 28, 2025
IPFire versions prior to 2.29 (Core Update 198) contain a stored cross-site scripting (XSS)... Moderate Unreviewed
CVE-2025-34317 was published Oct 28, 2025
IPFire versions prior to 2.29 (Core Update 198) contain a stored cross-site scripting (XSS)... Moderate Unreviewed
CVE-2025-34315 was published Oct 28, 2025
IPFire versions prior to 2.29 (Core Update 198) contain a stored cross-site scripting (XSS)... Moderate Unreviewed
CVE-2025-34314 was published Oct 28, 2025
IPFire versions prior to 2.29 (Core Update 198) contain a stored cross-site scripting (XSS)... Moderate Unreviewed
CVE-2025-34316 was published Oct 28, 2025
IPFire versions prior to 2.29 (Core Update 198) contain a stored cross-site scripting (XSS)... Moderate Unreviewed
CVE-2025-34313 was published Oct 28, 2025
IPFire versions prior to 2.29 (Core Update 198) contain a stored cross-site scripting (XSS)... Moderate Unreviewed
CVE-2025-34306 was published Oct 28, 2025
IPFire versions prior to 2.29 (Core Update 198) contain a stored cross-site scripting (XSS)... Moderate Unreviewed
CVE-2025-34309 was published Oct 28, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database