Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,354
Erlang
31
GitHub Actions
22
Go
2,120
Maven
5,000+
npm
3,779
NuGet
681
pip
3,460
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

123,312 advisories

Loading
Cross-Site Request Forgery (CSRF) vulnerability in WP Spell Check WP Spell Check allows Cross... Moderate Unreviewed
CVE-2025-25111 was published Feb 7, 2025
Missing Authorization vulnerability in Metagauss Event Kikfyre allows Exploiting Incorrectly... Moderate Unreviewed
CVE-2025-25110 was published Feb 7, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-25117 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in jordan.hatch Infusionsoft Analytics allows... Moderate Unreviewed
CVE-2025-25145 was published Feb 7, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-25136 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in ibasit GlobalQuran allows Cross Site Request... Moderate Unreviewed
CVE-2025-25143 was published Feb 7, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-25082 was published Feb 7, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-25080 was published Feb 7, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-25091 was published Feb 7, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-25097 was published Feb 7, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-25079 was published Feb 7, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-25085 was published Feb 7, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-25096 was published Feb 7, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-25095 was published Feb 7, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-25094 was published Feb 7, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-25078 was published Feb 7, 2025
Missing Authorization vulnerability in DeannaS Embed RSS allows Exploiting Incorrectly Configured... Moderate Unreviewed
CVE-2025-25081 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in paulswarthout Child Themes Helper allows Path... Moderate Unreviewed
CVE-2025-25093 was published Feb 7, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-25098 was published Feb 7, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-25105 was published Feb 7, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-25073 was published Feb 7, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-25077 was published Feb 7, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-25076 was published Feb 7, 2025
in OpenHarmony v4.1.2 and prior versions allow a local attacker cause DOS through integer overflow. Moderate Unreviewed
CVE-2025-0302 was published Feb 7, 2025
The Builder Shortcode Extras – WordPress Shortcodes Collection to Save You Time plugin for... Moderate Unreviewed
CVE-2024-13841 was published Feb 7, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database