Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,746
Erlang
35
GitHub Actions
29
Go
2,319
Maven
5,000+
npm
3,955
NuGet
712
pip
3,736
Pub
12
RubyGems
920
Rust
972
Swift
38
Unreviewed advisories
All unreviewed
5,000+

34,918 advisories

Loading
The Popup Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed
CVE-2025-4205 was published Jun 3, 2025
The Music Player for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed
CVE-2025-5340 was published Jun 3, 2025
The Vayu Blocks – Gutenberg Blocks for WordPress & WooCommerce plugin for WordPress is vulnerable... Moderate Unreviewed
CVE-2025-4420 was published Jun 3, 2025
The WP Plugin Info Card plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed
CVE-2025-5116 was published Jun 3, 2025
Gokapi vulnerable to stored XSS via uploading file with malicious file name Moderate
CVE-2025-48494 was published for github.com/forceu/gokapi (Go) Jun 3, 2025
4rdr Forceu
Gokapi has stored XSS vulnerability in friendly name for API keys Moderate
CVE-2025-48495 was published for github.com/forceu/gokapi (Go) Jun 3, 2025
Forceu
The wpForo + wpForo Advanced Attachments plugin for WordPress is vulnerable to Stored Cross-Site... High Unreviewed
CVE-2025-4224 was published Jun 3, 2025
The WordPress Comments Import & Export plugin for WordPress is vulnerable to unauthorized... Moderate Unreviewed
CVE-2025-3919 was published Jun 3, 2025
osTicket prior to v1.17.6 and v1.18.2 are vulnerable to Broken Access Control Vulnerability in ... Moderate Unreviewed
CVE-2025-45387 was published Jun 2, 2025
A reflected cross-site scripting (XSS) vulnerability exists in multiple [Vendor Name] products... Moderate Unreviewed
CVE-2024-8008 was published Jun 2, 2025
A vulnerability has been found in Cotonti Siena v0.9.25. Affected by this vulnerability is the... Moderate Unreviewed
CVE-2025-44115 was published Jun 2, 2025
In Splunk Enterprise versions below 9.4.2, 9.3.4 and 9.2.6, and Splunk Cloud Platform versions... Moderate Unreviewed
CVE-2025-20297 was published Jun 2, 2025
A stored cross-site scripting (XSS) vulnerability exists in the Management Console of multiple... Moderate Unreviewed
CVE-2024-3509 was published Jun 2, 2025
A Cross Site Scripting (XSS) vulnerability in Sitecom WLX-2006 Wall Mount Range Extender N300 v1... Moderate Unreviewed
CVE-2024-40114 was published Jun 2, 2025
The desktop application in Dot through 0.9.3 allows XSS and resultant command execution because... High Unreviewed
CVE-2024-57783 was published Jun 2, 2025
A vulnerability was found in Mist Community Edition up to 4.7.1. It has been rated as problematic... Moderate Unreviewed
CVE-2025-5411 was published Jun 2, 2025
A vulnerability classified as problematic has been found in Mist Community Edition up to 4.7.1.... Moderate Unreviewed
CVE-2025-5412 was published Jun 2, 2025
A vulnerability classified as problematic was found in juzaweb CMS up to 3.4.2. Affected by this... Moderate Unreviewed
CVE-2025-5420 was published Jun 2, 2025
A vulnerability has been found in chaitak-gorai Blogbook up to... Moderate Unreviewed
CVE-2025-5407 was published Jun 1, 2025
A vulnerability, which was classified as problematic, has been found in chaitak-gorai Blogbook up... Moderate Unreviewed
CVE-2025-5405 was published Jun 1, 2025
IBM Planning Analytics Local 2.0 and 2.1 is vulnerable to cross-site scripting. This... Moderate Unreviewed
CVE-2025-2896 was published Jun 1, 2025
IBM Planning Analytics Local 2.0 and 2.1 is vulnerable to cross-site scripting. This... Moderate Unreviewed
CVE-2025-25044 was published Jun 1, 2025
A vulnerability was found in Yifang CMS up to 2.0.2 and classified as problematic. Affected by... Moderate Unreviewed
CVE-2025-5383 was published May 31, 2025
A vulnerability was found in Astun Technology iShare Maps 5.4.0. It has been rated as problematic... Moderate Unreviewed
CVE-2025-5377 was published May 31, 2025
A vulnerability classified as problematic has been found in Astun Technology iShare Maps 5.4.0.... Moderate Unreviewed
CVE-2025-5378 was published May 31, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database