GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,300
Erlang: 31
GitHub Actions: 21
Go: 2,069
Maven: 5,000+
npm: 3,744
NuGet: 668
pip: 3,429
Pub: 12
RubyGems: 892
Rust: 880
Swift: 36

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
24,704 advisories
An issue was discovered in REDCap 14.9.6. A stored cross-site scripting (XSS) vulnerability...
Moderate | Unreviewed | CVE-2025-23112 was published Jan 11, 2025

An issue was discovered in REDCap 14.9.6. A Reflected cross-site scripting (XSS) vulnerability in...
Moderate | Unreviewed | CVE-2025-23110 was published Jan 11, 2025

An issue was discovered in REDCap 14.9.6. It allows HTML Injection via the Survey field name,...
Moderate | Unreviewed | CVE-2025-23111 was published Jan 11, 2025

The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate | Unreviewed | CVE-2024-2799 was published Apr 23, 2024

The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate | Unreviewed | CVE-2024-3889 was published Apr 23, 2024

The Essential Addons for Elementor Pro plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate | Unreviewed | CVE-2024-3645 was published Apr 22, 2024

The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate | Unreviewed | CVE-2024-2798 was published Apr 23, 2024

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate | Unreviewed | CVE-2024-13294 was published Jan 9, 2025

IBM Cognos Analytics 11.2.0 through 11.2.4 and 12.0.0 through 12.0.3 is vulnerable to HTML...
Moderate | Unreviewed | CVE-2024-41752 was published Dec 18, 2024

Cross-site Scripting (XSS) - Stored in GitHub repository jgraph/drawio prior to 21.2.8.
Moderate | Unreviewed | CVE-2023-3026 was published Jun 1, 2023

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate | Unreviewed | CVE-2024-13289 was published Jan 9, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate | Unreviewed | CVE-2024-13292 was published Jan 9, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate | Unreviewed | CVE-2024-13298 was published Jan 9, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate | Unreviewed | CVE-2024-13301 was published Jan 9, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate | Unreviewed | CVE-2024-13305 was published Jan 9, 2025

A cross-site scripting (XSS) vulnerability in Nagios XI 2024R1.1.4 allows attackers to execute...
Moderate | Unreviewed | CVE-2024-42898 was published Jan 9, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate | Unreviewed | CVE-2024-13287 was published Jan 9, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate | Unreviewed | CVE-2024-13286 was published Jan 9, 2025

A vulnerability was found in kurniaramadhan E-Commerce-PHP 1.0. It has been rated as problematic....
Moderate | Unreviewed | CVE-2024-13205 was published Jan 9, 2025

Cross Site Scripting vulnerability in LinZhaoguan pb-cms v.2.0 allows a remote attacker to...
Moderate | Unreviewed | CVE-2024-51229 was published Jan 10, 2025

The Orbit Fox by ThemeIsle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...
Moderate | Unreviewed | CVE-2024-13183 was published Jan 10, 2025

The Orbit Fox by ThemeIsle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...
Moderate | Unreviewed | CVE-2025-0311 was published Jan 10, 2025

A stored cross-site scripting (XSS) vulnerability in survey titles of REDCap 14.9.6 allows...
Moderate | Unreviewed | CVE-2024-56377 was published Jan 10, 2025

A stored cross-site scripting (XSS) vulnerability in the built-in messenger of REDCap 14.9.6...
Moderate | Unreviewed | CVE-2024-56376 was published Jan 10, 2025

An issue was discovered in Joomla! 4.2.0 through 4.3.1. Lack of input validation caused an open...
Moderate | Unreviewed | CVE-2023-23754 was published May 30, 2023

ProTip! Advisories are also available from the GraphQL API.