GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,652
Erlang
34
GitHub Actions
26
Go
2,257
Maven
5,000+
npm
3,909
NuGet
704
pip
3,680
Pub
12
RubyGems
915
Rust
943
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
118,965 advisories
A malicious third party could invoke a persistent denial of service vulnerability in FireEye EDR...
Moderate
Unreviewed
CVE-2025-0618
was published
Apr 23, 2025
Gee-netics, member of AXIS Camera Station Pro Bug Bounty Program, has found that it is possible...
Moderate
Unreviewed
CVE-2025-0926
was published
Apr 23, 2025
Gee-netics, member of AXIS Camera Station Pro Bug Bounty Program, has identified an issue with a...
Moderate
Unreviewed
CVE-2025-1056
was published
Apr 23, 2025
A vulnerability in the kernel of the Cray Operating System (COS) could allow an attacker to...
Moderate
Unreviewed
CVE-2025-27087
was published
Apr 23, 2025
SAP Learning Solution is vulnerable to Cross-Site Request Forgery (CSRF), allowing an attacker to...
Moderate
Unreviewed
CVE-2025-31328
was published
Apr 22, 2025
SAP Field Logistics Manage Logistics application OData meta-data property is vulnerable to data...
Moderate
Unreviewed
CVE-2025-31327
was published
Apr 22, 2025
D-Link DIR-816 A2V1.1.0B05 was found to contain a command injection in /goform/delRouting.
Moderate
Unreviewed
CVE-2025-29743
was published
Apr 22, 2025
A stored cross-site scripting (XSS) vulnerability in the New Goal Creation section of Volmarg...
Moderate
Unreviewed
CVE-2024-53569
was published
Apr 22, 2025
A stored cross-site scripting (XSS) vulnerability in the Image Upload section of Volmarg Personal...
Moderate
Unreviewed
CVE-2024-53568
was published
Apr 22, 2025
A cross-site scripting (reflected XSS) vulnerability was found in Mettler Toledo FreeWeight.Net...
Moderate
Unreviewed
CVE-2025-43952
was published
Apr 22, 2025
A cross-site scripting (XSS) vulnerability in Hoteldruid v3.0.5 allows attackers to execute...
Moderate
Unreviewed
CVE-2023-43378
was published
Apr 22, 2025
A stored cross-site scripting (XSS) vulnerability in Student Management System v1.0 allows...
Moderate
Unreviewed
CVE-2023-44753
was published
Apr 22, 2025
TOTOLINK A810R V4.1.2cu.5182_B20201026 was discovered to contain a hardcoded password for the...
Moderate
Unreviewed
CVE-2025-28031
was published
Apr 22, 2025
IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to server-side request forgery (SSRF)....
Moderate
Unreviewed
CVE-2025-27907
was published
Apr 22, 2025
The Ocean Extra plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin...
Moderate
Unreviewed
CVE-2025-3457
was published
Apr 22, 2025
The Ocean Extra plugin for WordPress is vulnerable to arbitrary shortcode execution in all...
Moderate
Unreviewed
CVE-2025-3472
was published
Apr 22, 2025
The Ocean Extra plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ...
Moderate
Unreviewed
CVE-2025-3458
was published
Apr 22, 2025
The Memberpress plugin for WordPress is vulnerable to Sensitive Information Exposure in all...
Moderate
Unreviewed
CVE-2024-11299
was published
Apr 22, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate
Unreviewed
CVE-2025-46235
was published
Apr 22, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate
Unreviewed
CVE-2025-46240
was published
Apr 22, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate
Unreviewed
CVE-2025-46229
was published
Apr 22, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate
Unreviewed
CVE-2025-46236
was published
Apr 22, 2025
Missing Authorization vulnerability in alttextai Download Alt Text AI allows Exploiting...
Moderate
Unreviewed
CVE-2025-46232
was published
Apr 22, 2025
Cross-Site Request Forgery (CSRF) vulnerability in SERVIT Software Solutions affiliate-toolkit...
Moderate
Unreviewed
CVE-2025-46231
was published
Apr 22, 2025
ProTip! Advisories are also available from the GraphQL API.