GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,343
Erlang: 31
GitHub Actions: 22
Go: 2,107
Maven: 5,000+
npm: 3,764
NuGet: 679
pip: 3,452
Pub: 12
RubyGems: 892
Rust: 886
Swift: 37

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
243,251 advisories
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
High | Unreviewed | CVE-2025-23596 was published Jan 31, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
High | Unreviewed | CVE-2025-23759 was published Jan 31, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Bhaskar Dhote Post Carousel Slider allows...
High | Unreviewed | CVE-2025-23977 was published Jan 31, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Brainvireinfo Dynamic URL SEO allows Cross...
Moderate | Unreviewed | CVE-2025-23985 was published Jan 31, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Ninos Ego FlashCounter allows Stored XSS. This...
High | Unreviewed | CVE-2025-23978 was published Jan 31, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Pedro Marcelo Issuu Panel allows Stored XSS....
High | Unreviewed | CVE-2025-23976 was published Jan 31, 2025

Cross-Site Request Forgery (CSRF) vulnerability in James Andrews Full Circle allows Stored XSS....
High | Unreviewed | CVE-2025-23980 was published Jan 31, 2025

The MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar plugin for WordPress is...
Moderate | Unreviewed | CVE-2024-13157 was published Jan 31, 2025

The WP DataTable plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’...
Moderate | Unreviewed | CVE-2024-13566 was published Jan 31, 2025

Server-Side Request Forgery (SSRF) vulnerability in NotFound Oshine Modules. This issue affects...
Moderate | Unreviewed | CVE-2024-44055 was published Jan 31, 2025

Missing Authorization vulnerability in mgplugin EMI Calculator allows Exploiting Incorrectly...
Moderate | Unreviewed | CVE-2025-22265 was published Jan 31, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
High | Unreviewed | CVE-2025-22332 was published Jan 31, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
High | Unreviewed | CVE-2025-22341 was published Jan 31, 2025

The Custom Login Page Styler – Limit Login Attempts – Restrict Content With Login – Redirect...
Moderate | Unreviewed | CVE-2024-13530 was published Jan 31, 2025

The Order Export for WooCommerce plugin for WordPress is vulnerable to Sensitive Information...
Moderate | Unreviewed | CVE-2024-13623 was published Jan 31, 2025

An issue was discovered in GFI Kerio Control 9.2.5 through 9.4.5. The dest GET parameter passed...
High | Unreviewed | CVE-2024-52875 was published Jan 31, 2025

Bentley Systems ProjectWise Integration Server before 10.00.03.288 allows unintended SQL query...
Moderate | Unreviewed | CVE-2024-53007 was published Jan 31, 2025

The Contact Form and Calls To Action by vcita plugin for WordPress is vulnerable to Stored Cross...
Moderate | Unreviewed | CVE-2024-11886 was published Jan 31, 2025

The Canvasflow for WordPress plugin through 1.5.5 does not sanitise and escape a parameter before...
Moderate | Unreviewed | CVE-2024-12275 was published Jan 31, 2025

The Ninja Tables WordPress plugin before 5.0.17 does not sanitize and escape a parameter before...
Unknown | Unreviewed | CVE-2024-12772 was published Jan 31, 2025

The Zalomení WordPress plugin through 1.5 does not sanitise and escape some of its settings,...
Moderate | Unreviewed | CVE-2024-12872 was published Jan 31, 2025

The WP MediaTagger WordPress plugin through 4.1.1 does not validate and escape some of its...
Moderate | Unreviewed | CVE-2024-13101 was published Jan 31, 2025

The OPSI Israel Domestic Shipments WordPress plugin through 2.6.3 does not sanitise and escape a...
Moderate | Unreviewed | CVE-2024-13100 was published Jan 31, 2025

The WP MediaTagger WordPress plugin through 4.1.1 does not sanitise and escape a parameter before...
Moderate | Unreviewed | CVE-2024-13112 was published Jan 31, 2025

The User Messages WordPress plugin through 1.2.4 does not sanitise and escape a parameter before...
Moderate | Unreviewed | CVE-2024-13222 was published Jan 31, 2025

ProTip! Advisories are also available from the GraphQL API.