GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,326
Composer 4,815
Erlang 36
GitHub Actions 32
Go 2,401
Maven 5,798
npm 4,044
NuGet 723
pip 3,830
Pub 12
RubyGems 933
Rust 1,003
Swift 38

Unreviewed advisories

All unreviewed 264,243

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

208 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

IBM Informix Dynamic Server 12.10 and 14.10 is vulnerable to HTML injection. A remote attacker... Moderate Unreviewed

CVE-2024-49343 was published Jul 28, 2025

SAP�BusinessObjects Business�Intelligence Platform (Web Intelligence) is vulnerable to HTML... Moderate Unreviewed

CVE-2025-31326 was published Jul 8, 2025

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in... Moderate Unreviewed

CVE-2025-27358 was published Jul 4, 2025

IBM Cloud Pak System 2.3.3.6, 2.3.36 iFix1, 2.3.3.7, 2.3.3.7 iFix1, 2.3.4.0, 2.3.4.1, and 2.3.4.1... Moderate Unreviewed

CVE-2025-2895 was published Jun 30, 2025

IBM Cloud Pak System 2.3.5.0, 2.3.3.7, 2.3.3.7 iFix1 on Power and 2.3.3.6, 2.3.3.6 iFix1, 2.3.3.6... Moderate Unreviewed

CVE-2023-38007 was published Jun 27, 2025

The Download Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2025-4367 was published Jun 19, 2025

The Paged Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2025-5686 was published Jun 6, 2025

A Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in ... Moderate Unreviewed

CVE-2025-23393 was published May 27, 2025

IBM Aspera Faspex 5.0.0 through 5.0.12 is vulnerable to HTML injection. A remote attacker could... Moderate Unreviewed

CVE-2025-33138 was published May 22, 2025

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE)... Moderate Unreviewed

CVE-2025-20267 was published May 21, 2025

IBM Content Navigator 3.0.11, 3.0.15, and 3.1.0 is vulnerable to HTML injection. A remote... Moderate Unreviewed

CVE-2024-51475 was published May 16, 2025

The EG-Series plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ... Moderate Unreviewed

CVE-2025-4126 was published May 15, 2025

The Subpage List plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin... Moderate Unreviewed

CVE-2025-4168 was published May 3, 2025

The Team Members – Best WordPress Team Plugin with Team Slider, Team Showcase & Team Builder... Moderate Unreviewed

CVE-2025-3521 was published May 1, 2025

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in... Moderate Unreviewed

CVE-2025-39524 was published Apr 16, 2025

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in... Moderate Unreviewed

CVE-2025-32230 was published Apr 10, 2025

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in... Moderate Unreviewed

CVE-2025-32200 was published Apr 4, 2025

HCL DevOps Deploy / HCL Launch is vulnerable to HTML injection. This vulnerability may allow a... Moderate Unreviewed

CVE-2025-0272 was published Apr 3, 2025

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in... Moderate Unreviewed

CVE-2025-30676 was published Apr 1, 2025

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in... Moderate Unreviewed

CVE-2025-31575 was published Mar 31, 2025

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in... Moderate Unreviewed

CVE-2025-31604 was published Mar 31, 2025

Duplicate Advisory: Leantime affected by Improper Neutralization of HTML Tags Moderate

GHSA-jf6p-4hgv-v6qh was published for leantime/leantime (Composer) Mar 28, 2025 • withdrawn

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in... Moderate Unreviewed

CVE-2025-31465 was published Mar 28, 2025

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in... Moderate Unreviewed

CVE-2025-31075 was published Mar 28, 2025

IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.25, 7.1 through 7.1.2.21, 7.2 through 7.2.3.14, and... Moderate Unreviewed

CVE-2025-1997 was published Mar 27, 2025

Previous 1 2 3 4 5 … 8 9 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

208 advisories