Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,464
Erlang
33
GitHub Actions
22
Go
2,163
Maven
5,000+
npm
3,821
NuGet
696
pip
3,502
Pub
12
RubyGems
909
Rust
904
Swift
38
Unreviewed advisories
All unreviewed
5,000+

32,655 advisories

Loading
The CC-IMG-Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed
CVE-2025-1559 was published Mar 13, 2025
Apache Felix HTTP Webconsole Plugin: XSS in HTTP Webconsole Plugin Moderate
CVE-2025-27867 was published for org.apache.felix:org.apache.felix.http.webconsoleplugin (Maven) Mar 12, 2025
An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 10.0 and 10.1. A stored cross-site... Moderate Unreviewed
CVE-2025-27915 was published Mar 12, 2025
An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 10.0 and 10.1. A Reflected Cross... Moderate Unreviewed
CVE-2025-27914 was published Mar 12, 2025
The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +20 Modules – All in One Solution ... Moderate Unreviewed
CVE-2025-1527 was published Mar 12, 2025
The Finale Lite – Sales Countdown Timer & Discount for WooCommerce plugin for WordPress is... Moderate Unreviewed
CVE-2024-12589 was published Mar 12, 2025
The Simple Amazon Affiliate plugin for WordPress is vulnerable to Reflected Cross-Site Scripting... Moderate Unreviewed
CVE-2025-2077 was published Mar 12, 2025
The BlogBuzzTime for WP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed
CVE-2025-2078 was published Mar 12, 2025
The binlayerpress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin... Moderate Unreviewed
CVE-2025-2076 was published Mar 12, 2025
The GDPR Cookie Compliance – Cookie Banner, Cookie Consent, Cookie Notice – CCPA, DSGVO, RGPD... Moderate Unreviewed
CVE-2025-2205 was published Mar 12, 2025
A vulnerability was found in Castlenet CBW383G2N up to 20250301. It has been declared as... Moderate Unreviewed
CVE-2025-2213 was published Mar 12, 2025
A vulnerability was found in aitangbao springboot-manager 3.0 and classified as problematic.... Moderate Unreviewed
CVE-2025-2211 was published Mar 12, 2025
A vulnerability was found in Castlenet CBW383G2N up to 20250301. It has been classified as... Moderate Unreviewed
CVE-2025-2212 was published Mar 12, 2025
A vulnerability has been found in aitangbao springboot-manager 3.0 and classified as problematic.... Moderate Unreviewed
CVE-2025-2210 was published Mar 12, 2025
A vulnerability was found in Microweber 2.0.19. It has been rated as problematic. This issue... Moderate Unreviewed
CVE-2025-2214 was published Mar 12, 2025
A vulnerability, which was classified as problematic, was found in aitangbao springboot-manager 3... Moderate Unreviewed
CVE-2025-2209 was published Mar 12, 2025
A vulnerability, which was classified as problematic, has been found in aitangbao springboot... Moderate Unreviewed
CVE-2025-2208 was published Mar 11, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-28929 was published Mar 11, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-28936 was published Mar 11, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-28943 was published Mar 11, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-28918 was published Mar 11, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-28908 was published Mar 11, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-28914 was published Mar 11, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-28926 was published Mar 11, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-28930 was published Mar 11, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database