Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,465
Erlang
33
GitHub Actions
22
Go
2,164
Maven
5,000+
npm
3,821
NuGet
696
pip
3,503
Pub
12
RubyGems
909
Rust
904
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

29,164 advisories

Loading
The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed
CVE-2025-1503 was published Mar 13, 2025
The AppPresser – Mobile App Framework plugin for WordPress is vulnerable to Stored Cross-Site... High Unreviewed
CVE-2025-1561 was published Mar 13, 2025
The CC-IMG-Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed
CVE-2025-1559 was published Mar 13, 2025
An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 10.0 and 10.1. A stored cross-site... Moderate Unreviewed
CVE-2025-27915 was published Mar 12, 2025
An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 10.0 and 10.1. A Reflected Cross... Moderate Unreviewed
CVE-2025-27914 was published Mar 12, 2025
The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +20 Modules – All in One Solution ... Moderate Unreviewed
CVE-2025-1527 was published Mar 12, 2025
The Finale Lite – Sales Countdown Timer & Discount for WooCommerce plugin for WordPress is... Moderate Unreviewed
CVE-2024-12589 was published Mar 12, 2025
The Simple Amazon Affiliate plugin for WordPress is vulnerable to Reflected Cross-Site Scripting... Moderate Unreviewed
CVE-2025-2077 was published Mar 12, 2025
The BlogBuzzTime for WP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed
CVE-2025-2078 was published Mar 12, 2025
The binlayerpress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin... Moderate Unreviewed
CVE-2025-2076 was published Mar 12, 2025
The GDPR Cookie Compliance – Cookie Banner, Cookie Consent, Cookie Notice – CCPA, DSGVO, RGPD... Moderate Unreviewed
CVE-2025-2205 was published Mar 12, 2025
A vulnerability was found in Castlenet CBW383G2N up to 20250301. It has been declared as... Moderate Unreviewed
CVE-2025-2213 was published Mar 12, 2025
A vulnerability was found in aitangbao springboot-manager 3.0 and classified as problematic.... Moderate Unreviewed
CVE-2025-2211 was published Mar 12, 2025
A vulnerability was found in Castlenet CBW383G2N up to 20250301. It has been classified as... Moderate Unreviewed
CVE-2025-2212 was published Mar 12, 2025
A vulnerability has been found in aitangbao springboot-manager 3.0 and classified as problematic.... Moderate Unreviewed
CVE-2025-2210 was published Mar 12, 2025
A vulnerability was found in Microweber 2.0.19. It has been rated as problematic. This issue... Moderate Unreviewed
CVE-2025-2214 was published Mar 12, 2025
A vulnerability, which was classified as problematic, was found in aitangbao springboot-manager 3... Moderate Unreviewed
CVE-2025-2209 was published Mar 12, 2025
A vulnerability, which was classified as problematic, has been found in aitangbao springboot... Moderate Unreviewed
CVE-2025-2208 was published Mar 11, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-28929 was published Mar 11, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-28936 was published Mar 11, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-28943 was published Mar 11, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-28918 was published Mar 11, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-28908 was published Mar 11, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-28914 was published Mar 11, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-28926 was published Mar 11, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database