GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
2,792 advisories
bagisto has Cross Site Scripting (XSS) issue in TinyMCE Image Upload (HTML)
Moderate
CVE-2025-62415
was published
for
bagisto/bagisto
(Composer)
Oct 16, 2025
LibreNMS has a Stored XSS vulnerability in its Alert Transport name field
Moderate
CVE-2025-62411
was published
for
librenms/librenms
(Composer)
Oct 16, 2025
Alt Redirect: Potential Authentication Bypass by Spoofing through query-string stripping logic flaw
Moderate
CVE-2025-60868
was published
for
alt-design/alt-redirect
(Composer)
Oct 10, 2025
LibreNMS is vulnerable to Reflected-XSS in `report_this` function
Moderate
CVE-2025-62365
was published
for
librenms/librenms
(Composer)
Oct 13, 2025
Kimai API returns timesheet entries a user should not be authorized to view
Moderate
CVE-2024-29200
was published
for
kimai/kimai
(Composer)
Mar 29, 2024
Withdrawn Advisory: Bootstrap Cross-Site Scripting (XSS) vulnerability
Moderate
CVE-2024-6531
was published
for
bootstrap
(RubyGems)
Jul 11, 2024
•
withdrawn
MediaWiki Cargo Extension Cross-site Scripting vulnerability
Moderate
CVE-2024-23173
was published
for
mediawiki/cargo
(Composer)
Jan 12, 2024
Withdrawn Advisory: Bootstrap Cross-Site Scripting (XSS) vulnerability
Moderate
CVE-2024-6484
was published
for
bootstrap
(RubyGems)
Jul 11, 2024
•
withdrawn
Shopware 6 allows attackers to check for registered accounts through the store-api
Moderate
CVE-2025-30150
was published
for
shopware/core
(Composer)
Apr 8, 2025
ProTip!
Advisories are also available from the
GraphQL API