GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,344
Erlang: 31
GitHub Actions: 22
Go: 2,112
Maven: 5,000+
npm: 3,767
NuGet: 680
pip: 3,453
Pub: 12
RubyGems: 892
Rust: 888
Swift: 38

Unreviewed advisories
All unreviewed: 5,000+
123,144 advisories

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate | Unreviewed | CVE-2025-22674 was published Feb 4, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate | Unreviewed | CVE-2025-22653 was published Feb 4, 2025

Missing Authorization vulnerability in FameThemes OnePress allows Exploiting Incorrectly...
Moderate | Unreviewed | CVE-2025-22643 was published Feb 4, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate | Unreviewed | CVE-2025-22664 was published Feb 4, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate | Unreviewed | CVE-2025-22642 was published Feb 4, 2025

Missing Authorization vulnerability in Ksher Ksher allows Exploiting Incorrectly Configured...
Moderate | Unreviewed | CVE-2025-22730 was published Feb 4, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate | Unreviewed | CVE-2025-22662 was published Feb 4, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Moderate | Unreviewed | CVE-2025-22641 was published Feb 4, 2025

cpp-httplib version v0.17.3 through v0.18.3 fails to filter CRLF characters ("\r\n") when those...
Moderate | Unreviewed | CVE-2025-0825 was published Feb 4, 2025

A SQL injection vulnerability in the JS Jobs plugin versions 1.1.5-1.4.2 for Joomla allows...
Moderate | Unreviewed | CVE-2025-22206 was published Feb 4, 2025

The Qi Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...
Moderate | Unreviewed | CVE-2024-13699 was published Feb 4, 2025

Authentik project is vulnerable to Stored XSS attacks through uploading crafted SVG files that...
Moderate | Unreviewed | CVE-2024-11623 was published Feb 4, 2025

A race condition could have led to private browsing tabs being opened in normal browsing windows....
Moderate | Unreviewed | CVE-2025-1013 was published Feb 4, 2025

Brocade Fabric OS versions before 8.2.3e2, versions 9.0.0 through 9.2.0c, and 9.2.1 through 9.2...
Moderate | Unreviewed | CVE-2024-10403 was published Feb 4, 2025

Apache Cassandra: User with MODIFY permission on ALL KEYSPACES can escalate privileges to superuser via unsafe actions
Moderate | CVE-2025-23015 was published for org.apache.cassandra:cassandra-all (Maven) Feb 4, 2025

Apache Cassandra: CassandraNetworkAuthorizer and CassandraCIDRAuthorizer can be bypassed allowing access to different network regions
Moderate | CVE-2025-24860 was published for org.apache.cassandra:cassandra-all (Maven) Feb 4, 2025

Apache Cassandra: unrestricted deserialization of JMX authentication credentials
Moderate | CVE-2024-27137 was published for org.apache.cassandra:cassandra-all (Maven) Feb 4, 2025

The SKT Blocks – Gutenberg based Page Builder plugin for WordPress is vulnerable to Stored Cross...
Moderate | Unreviewed | CVE-2024-13733 was published Feb 4, 2025

The ShopSite plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up...
Moderate | Unreviewed | CVE-2024-13510 was published Feb 4, 2025

The DSGVO All in one for WP plugin for WordPress is vulnerable to Cross-Site Request Forgery in...
Moderate | Unreviewed | CVE-2024-13356 was published Feb 4, 2025

The SocialV - Social Network and Community BuddyPress Theme theme for WordPress is vulnerable to...
Moderate | Unreviewed | CVE-2024-13529 was published Feb 4, 2025

Out-of-bounds read in decoding malformed bitstream of video thumbnails in libsthmbc.so prior to...
Moderate | Unreviewed | CVE-2025-20891 was published Feb 4, 2025

Use of implicit intent for sensitive communication in EasySetup prior to version 11.1.18 allows...
Moderate | Unreviewed | CVE-2025-20896 was published Feb 4, 2025

Out-of-bounds write in Blockchain Keystore prior to version 1.3.16.5 allows local privileged...
Moderate | Unreviewed | CVE-2025-20900 was published Feb 4, 2025

Improper input validation in Samsung Members prior to version 5.2.00.12 allows physical attackers...
Moderate | Unreviewed | CVE-2025-20898 was published Feb 4, 2025

ProTip! Advisories are also available from the GraphQL API