Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,651
Erlang
34
GitHub Actions
26
Go
2,252
Maven
5,000+
npm
3,904
NuGet
702
pip
3,676
Pub
12
RubyGems
915
Rust
943
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

26,727 advisories

Loading
The UiCore Elements – Free Elementor widgets and templates plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2025-1054 was published Apr 23, 2025
The built-in XY Chart plugin is vulnerable to a DOM XSS vulnerability. A user with Editor... Moderate Unreviewed
CVE-2025-2703 was published Apr 23, 2025
The FileBird – WordPress Media Library Folders & File Manager plugin for WordPress is vulnerable... Moderate Unreviewed
CVE-2024-2345 was published May 2, 2024
A cross-site scripting (reflected XSS) vulnerability was found in Mettler Toledo FreeWeight.Net... Moderate Unreviewed
CVE-2025-43952 was published Apr 22, 2025
Logrhythm Web Console 7.4.9 allows for HTML tag injection through Contextualize Action -> Create... Moderate Unreviewed
CVE-2021-41943 was published Dec 13, 2022
A stored cross-site scripting (XSS) vulnerability in the New Goal Creation section of Volmarg... Moderate Unreviewed
CVE-2024-53569 was published Apr 22, 2025
Multiple XSS (CWE-79) Moderate Unreviewed
CVE-2025-23175 was published Apr 22, 2025
The Ocean Extra plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin... Moderate Unreviewed
CVE-2025-3457 was published Apr 22, 2025
The Ocean Extra plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed
CVE-2025-3458 was published Apr 22, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-46253 was published Apr 22, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-46254 was published Apr 22, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-46235 was published Apr 22, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-46240 was published Apr 22, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-46229 was published Apr 22, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-46236 was published Apr 22, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-46226 was published Apr 22, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-46233 was published Apr 22, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-46225 was published Apr 22, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-46227 was published Apr 22, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-46238 was published Apr 22, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-46237 was published Apr 22, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-46228 was published Apr 22, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-46239 was published Apr 22, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-46250 was published Apr 22, 2025
The WP Import Export Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed
CVE-2025-2839 was published Apr 22, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database