Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,825
Erlang
36
GitHub Actions
32
Go
2,419
Maven
5,000+
npm
4,055
NuGet
723
pip
3,847
Pub
12
RubyGems
934
Rust
1,006
Swift
38
Unreviewed advisories
All unreviewed
5,000+

36,287 advisories

Loading
A cross-site scripting (XSS) vulnerability in the PdfViewer component of Agenzia Impresa Eccobook... High Unreviewed
CVE-2025-51629 was published Aug 7, 2025
Student Attendance Management System v1 was discovered to contain a cross-site scripting (XSS)... Moderate Unreviewed
CVE-2023-41519 was published Aug 7, 2025
Hospital Management System v4 was discovered to contain multiple cross-site scripting (XSS)... Moderate Unreviewed
CVE-2023-41529 was published Aug 7, 2025
Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows XSS for... Moderate Unreviewed
CVE-2025-54395 was published Aug 7, 2025
Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows XSS for... Moderate Unreviewed
CVE-2025-54392 was published Aug 7, 2025
In Agora Foundation Agora fall23-Alpha1 before b087490, there is XSS via topicName in client... Moderate Unreviewed
CVE-2025-55133 was published Aug 7, 2025
In Agora Foundation Agora fall23-Alpha1 before b087490, there is XSS via tag in client/agora... Moderate Unreviewed
CVE-2025-55134 was published Aug 7, 2025
EyouCMS 1.6.7 is vulnerable to Cross Site Scripting (XSS) in /login.php?m=admin&c=System&a=web... Moderate Unreviewed
CVE-2024-52680 was published Aug 7, 2025
Inappropriate implementation in Extensions in Google Chrome prior to 139.0.7258.66 allowed a... Moderate Unreviewed
CVE-2025-8581 was published Aug 7, 2025
Inappropriate implementation in Filesystems in Google Chrome prior to 139.0.7258.66 allowed a... Moderate Unreviewed
CVE-2025-8580 was published Aug 7, 2025
Inappropriate implementation in Picture In Picture in Google Chrome prior to 139.0.7258.66... Moderate Unreviewed
CVE-2025-8579 was published Aug 7, 2025
Inappropriate implementation in Picture In Picture in Google Chrome prior to 139.0.7258.66... Moderate Unreviewed
CVE-2025-8577 was published Aug 7, 2025
A Cross-site scripting (XSS) vulnerability in /api_vedo/ in Vedo Suite version 2024.17 allows... Moderate Unreviewed
CVE-2025-51053 was published Aug 6, 2025
AutoConnect 1.4.2, an Arduino library, is vulnerable to a cross site scripting (xss)... Moderate Unreviewed
CVE-2025-50740 was published Aug 6, 2025
Cross-site scripting (XSS) vulnerability in Zone Bitaqati thru 3.4.0. High Unreviewed
CVE-2025-51624 was published Aug 6, 2025
A reflected cross-site scripting (XSS) vulnerability in Sage DPW v2024.12.003 allows attackers to... Moderate Unreviewed
CVE-2025-51531 was published Aug 6, 2025
The Gutenverse plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's... Moderate Unreviewed
CVE-2025-7727 was published Aug 6, 2025
The Betheme theme for WordPress is vulnerable to Stored Cross-Site Scripting via an Elementor... Moderate Unreviewed
CVE-2025-7399 was published Aug 6, 2025
The Exclusive Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2025-7498 was published Aug 6, 2025
The Element Pack Elementor Addons and Templates plugin for WordPress is vulnerable to Stored... Moderate Unreviewed
CVE-2025-8100 was published Aug 6, 2025
The Flex Guten plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed
CVE-2025-6256 was published Aug 6, 2025
The esri-map-view plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed
CVE-2025-6259 was published Aug 6, 2025
The WP Tournament Registration plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed
CVE-2025-6690 was published Aug 6, 2025
The WPBakery Page Builder for WordPress plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2025-7502 was published Aug 6, 2025
Concrete CMS vulnerable to Reflected Cross-Site Scripting (XSS) in Conversation Messages Dashboard Page Moderate
CVE-2025-8571 was published for concrete5/concrete5 (Composer) Aug 6, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database