Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,722
Erlang
35
GitHub Actions
29
Go
2,306
Maven
5,000+
npm
3,947
NuGet
711
pip
3,727
Pub
12
RubyGems
920
Rust
964
Swift
38
Unreviewed advisories
All unreviewed
5,000+

34,779 advisories

Loading
Best Practical RT (Request Tracker) 5.0 through 5.0.7 allows XSS via JavaScript injection in an... High Unreviewed
CVE-2025-31500 was published May 28, 2025
Best Practical RT (Request Tracker) 4.4 through 4.4.7 and 5.0 through 5.0.7 allows XSS via... High Unreviewed
CVE-2025-30087 was published May 28, 2025
Improper neutralization of the value of the 'eventMoreText' property of the 'VCalendar' component... Moderate Unreviewed
CVE-2025-1461 was published May 28, 2025
Best Practical RT (Request Tracker) 5.0 through 5.0.7 allows XSS via JavaScript injection in an... High Unreviewed
CVE-2025-31501 was published May 28, 2025
Argo CD allows cross-site scripting on repositories page Critical
CVE-2025-47933 was published for github.com/argoproj/argo-cd (Go) May 28, 2025
Ry0taK crenshaw-dev
Chrome PHP is missing encoding in `CssSelector` Moderate
GHSA-3432-fmrf-7vmh was published for chrome-php/chrome (Composer) May 28, 2025
divinity76 GrahamCampbell
enricodias
Reflected Cross-Site Scripting (XSS) vulnerability in Real Easy Store. This vulnerability allows... Moderate Unreviewed
CVE-2025-40651 was published May 28, 2025
The WP Extended plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File... Moderate Unreviewed
CVE-2025-4963 was published May 28, 2025
The WP Attachments plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ... Moderate Unreviewed
CVE-2025-5082 was published May 28, 2025
IBM DS8900F and DS8A00 Hardware Management Console (HMC) is vulnerable to stored cross-site... Moderate Unreviewed
CVE-2024-45094 was published May 28, 2025
A flaw was found in Stackrox, where it is vulnerable to Cross-site scripting (XSS) if the script... Moderate Unreviewed
CVE-2025-5198 was published May 27, 2025
code-projects Online Exam Mastering System 1.0 is vulnerable to Cross Site Scripting (XSS) via... Moderate Unreviewed
CVE-2025-46173 was published May 27, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-3704 was published May 27, 2025
Improper neutralization of input in Nagvis before version 1.9.47 which can lead to XSS Moderate Unreviewed
CVE-2024-47090 was published May 27, 2025
The Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates plugin for WordPress... Moderate Unreviewed
CVE-2025-4682 was published May 27, 2025
The Exclusive Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2025-4783 was published May 27, 2025
Stored Cross-Site Scripting (XSS) vulnerability in i2A-Cronos version 23.02.01.17, from i2A. It... Moderate Unreviewed
CVE-2025-40663 was published May 26, 2025
Stored Cross-Site Scripting (XSS) vulnerability in the CoverManager booking software. This allows... Moderate Unreviewed
CVE-2025-40652 was published May 26, 2025
A vulnerability was found in Realce Tecnologia Queue Ticket Kiosk up to 20250517. It has been... Moderate Unreviewed
CVE-2025-5177 was published May 26, 2025
A vulnerability classified as problematic was found in Realce Tecnologia Queue Ticket Kiosk up to... Moderate Unreviewed
CVE-2025-5179 was published May 26, 2025
A vulnerability, which was classified as problematic, was found in Summer Pearl Group Vacation... Moderate Unreviewed
CVE-2025-5181 was published May 26, 2025
Due to improper neutralization of input during web page generation (XSS) an unauthenticated... Moderate Unreviewed
CVE-2025-1985 was published May 26, 2025
A vulnerability, which was classified as problematic, has been found in CMS Made Simple 2.2.21.... Moderate Unreviewed
CVE-2025-5153 was published May 25, 2025
A vulnerability was found in Bitwarden up to 2.25.1. It has been declared as problematic.... Moderate Unreviewed
CVE-2025-5138 was published May 25, 2025
A vulnerability classified as problematic has been found in Tmall Demo up to 20250505. Affected... Moderate Unreviewed
CVE-2025-5133 was published May 25, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database