Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,856
Erlang
36
GitHub Actions
36
Go
2,489
Maven
5,000+
npm
4,105
NuGet
735
pip
3,927
Pub
12
RubyGems
945
Rust
1,017
Swift
39
Unreviewed advisories
All unreviewed
5,000+

36,903 advisories

Loading
The Wilmer Core plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes... Moderate Unreviewed
CVE-2025-9061 was published Sep 9, 2025
The Mikado Core plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes... Moderate Unreviewed
CVE-2025-9058 was published Sep 9, 2025
Due to a Cross-Site Scripting (XSS) vulnerability in the SAP NetWeaver ABAP Platform, an... Moderate Unreviewed
CVE-2025-42938 was published Sep 9, 2025
A Stored cross-site scripting vulnerability in the Liferay Portal 7.4.0 through 7.4.3.132, and... Moderate Unreviewed
CVE-2025-43778 was published Sep 9, 2025
A weakness has been identified in SourceCodester Simple To-Do List System 1.0. Impacted is an... Moderate Unreviewed
CVE-2025-10117 was published Sep 9, 2025
Due to a Cross-Site Scripting (XSS) vulnerability in the SAP Supplier Relationship Management, an... Moderate Unreviewed
CVE-2025-42920 was published Sep 9, 2025
A reflected cross-site scripting (XSS) vulnerability in the Liferay Portal 7.4.3.132, and Liferay... Low Unreviewed
CVE-2025-43774 was published Sep 9, 2025
In phpgurukul Doctor Appointment Management System 1.0, an authenticated doctor user can inject... High Unreviewed
CVE-2025-45805 was published Sep 8, 2025
MCP Inspector is Vulnerable to Potential Command Execution via XSS When Connecting to an Untrusted MCP Server High
CVE-2025-58444 was published for @modelcontextprotocol/inspector (npm) Sep 8, 2025
A weakness has been identified in Portabilis i-Educar up to 2.10. Affected by this vulnerability... Moderate Unreviewed
CVE-2025-10099 was published Sep 8, 2025
A flaw has been found in Campcodes Sales and Inventory System 1.0. This affects an unknown part... Moderate Unreviewed
CVE-2025-9923 was published Sep 8, 2025
Scholl Communications AG Weblication CMS Core v019.004.000.000 was discovered to contain a cross... Critical Unreviewed
CVE-2025-52161 was published Sep 8, 2025
A cross-site scripting (XSS) vulnerability in Smart Search & Filter Shopify App 1.0 allows a... High Unreviewed
CVE-2025-55998 was published Sep 8, 2025
A vulnerability has been found in code-projects Fruit Shop Management System 1.0. Affected by... Moderate Unreviewed
CVE-2025-9845 was published Sep 8, 2025
Reflected Cross-Site Scripting (XSS) vulnerability in WebWork, which allows remote attackers to... Moderate Unreviewed
CVE-2025-40642 was published Sep 8, 2025
Cross-site Scripting (XSS) vulnerability stored in Multi-Purpose Inventory Management System,... Moderate Unreviewed
CVE-2025-40641 was published Sep 8, 2025
`sanitize-html` prior to version 2.0.0-beta is vulnerable to Cross-site Scripting (XSS). The ... Moderate Unreviewed
CVE-2019-25225 was published Sep 8, 2025
'sanitize-html' prior to version 1.0.3 is vulnerable to Cross-site Scripting (XSS). The function ... Moderate Unreviewed
CVE-2014-125128 was published Sep 8, 2025
A vulnerability was detected in SourceCodester Time Tracker 1.0. The affected element is an... Moderate Unreviewed
CVE-2025-10088 was published Sep 8, 2025
A security flaw has been discovered in SourceCodester Online Polling System 1.0. The impacted... Moderate Unreviewed
CVE-2025-10075 was published Sep 8, 2025
A vulnerability was identified in Portabilis i-Educar up to 2.10. The affected element is an... Moderate Unreviewed
CVE-2025-10074 was published Sep 8, 2025
A weakness has been identified in itsourcecode POS Point of Sale System 1.0. Impacted is an... Moderate Unreviewed
CVE-2025-10065 was published Sep 7, 2025
A security vulnerability has been detected in itsourcecode POS Point of Sale System 1.0. The... Moderate Unreviewed
CVE-2025-10066 was published Sep 7, 2025
A security flaw has been discovered in itsourcecode POS Point of Sale System 1.0. This issue... Moderate Unreviewed
CVE-2025-10064 was published Sep 7, 2025
A vulnerability was detected in itsourcecode POS Point of Sale System 1.0. The impacted element... Moderate Unreviewed
CVE-2025-10067 was published Sep 7, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database