Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,963
Erlang
39
GitHub Actions
38
Go
2,614
Maven
5,000+
npm
4,254
NuGet
760
pip
4,031
Pub
12
RubyGems
953
Rust
1,049
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,331 advisories

Loading
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Low Unreviewed
CVE-2025-62659 was published Oct 22, 2025
Multiple cross-site scripting (XSS) vulnerabilities in D-Link DSL-2760U Gateway (Rev. E1) allow... Low Unreviewed
CVE-2013-5223 was published May 17, 2022
Ericsson Network Manager versions prior to ENM 25.2 GA contain a vulnerability that, if exploited... Low Unreviewed
CVE-2025-27259 was published Oct 13, 2025
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Low Unreviewed
CVE-2025-62653 was published Oct 18, 2025
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Low Unreviewed
CVE-2025-62654 was published Oct 18, 2025
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Low Unreviewed
CVE-2024-5532 was published Oct 28, 2024
SaTECH BCU, in its firmware version 2.1.3, could allow XSS attacks and other malicious resources... Low Unreviewed
CVE-2025-2865 was published Mar 28, 2025
SaTECH BCU in its firmware version 2.1.3 allows an attacker to inject malicious code into the... Low Unreviewed
CVE-2025-2864 was published Mar 28, 2025
Cross-site scripting (XSS) in Icewarp Mail Server affecting version 11.4.0. This vulnerability... Low Unreviewed
CVE-2025-40632 was published May 16, 2025
Cross-site scripting (XSS) vulnerability in the web application on Omron NS5, NS8, NS10, NS12,... Low Unreviewed
CVE-2014-2370 was published May 17, 2022
A potential security vulnerability has been identified in the Poly Clariti Manager for versions... Low Unreviewed
CVE-2025-43488 was published Jul 23, 2025
A cross-site scripting (XSS) vulnerability has been reported to affect Photo Station. If a remote... Low Unreviewed
CVE-2024-12923 was published Aug 29, 2025
An HTML injection vulnerability previously discovered in Trend Vision One could have allowed a... Low Unreviewed
CVE-2025-31286 was published Apr 2, 2025
A vulnerability was found in Protected Total WebShield Extension up to 3.2.0 on Chrome. It has... Low Unreviewed
CVE-2025-8751 was published Aug 9, 2025
The fragment preview functionality in Liferay Portal 7.4.3.61 through 7.4.3.132, and Liferay DXP... Low Unreviewed
CVE-2025-4599 was published Aug 5, 2025
Cross-site scripting vulnerability has been identified in HPE Telco Service Activator product Low Unreviewed
CVE-2025-37109 was published Jul 31, 2025
Cross-site scripting vulnerability has been identified in HPE Telco Service Activator product Low Unreviewed
CVE-2025-37108 was published Jul 31, 2025
A vulnerability, which was classified as problematic, was found in Comodo Dragon up to 134.0.6998... Low Unreviewed
CVE-2025-8206 was published Jul 26, 2025
A vulnerability in the web-based management interface of Cisco Digital Network Architecture (DNA)... Low Unreviewed
CVE-2019-15253 was published May 24, 2022
The improper default setting in JiranSoft CrossEditor4 on Windows, Linux, Unix (API modules)... Low Unreviewed
CVE-2025-7672 was published Jul 15, 2025
A vulnerability, which was classified as problematic, was found in ZKTeco ZKBio CVSecurity V5000... Low Unreviewed
CVE-2024-6344 was published Jun 26, 2024
In affected versions of Octopus Server error messages were handled unsafely on the error page. If... Low Unreviewed
CVE-2025-0513 was published Feb 11, 2025
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Low Unreviewed
CVE-2025-53492 was published Jul 2, 2025
IBM UrbanCode Deploy (UCD) 7.2 through 7.2.3.13, 7.3 through 7.3.2.8, and IBM DevOps Deploy 8.0... Low Unreviewed
CVE-2024-51472 was published Jan 6, 2025
Unprotected SAPUI5 applications allow an attacker with basic privileges to inject malicious HTML... Low Unreviewed
CVE-2025-42990 was published Jun 10, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database