GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,105
Composer 4,793
Erlang 36
GitHub Actions 29
Go 2,380
Maven 5,714
npm 4,004
NuGet 720
pip 3,803
Pub 12
RubyGems 927
Rust 985
Swift 38

Unreviewed advisories

All unreviewed 262,334

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

158 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

SAP�BusinessObjects Business�Intelligence Platform (Web Intelligence) is vulnerable to HTML... Moderate Unreviewed

CVE-2025-31326 was published Jul 8, 2025

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in... Moderate Unreviewed

CVE-2025-27358 was published Jul 4, 2025

IBM Cloud Pak System 2.3.3.6, 2.3.36 iFix1, 2.3.3.7, 2.3.3.7 iFix1, 2.3.4.0, 2.3.4.1, and 2.3.4.1... Moderate Unreviewed

CVE-2025-2895 was published Jun 30, 2025

IBM Cloud Pak System 2.3.5.0, 2.3.3.7, 2.3.3.7 iFix1 on Power and 2.3.3.6, 2.3.3.6 iFix1, 2.3.3.6... Moderate Unreviewed

CVE-2023-38007 was published Jun 27, 2025

The Download Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2025-4367 was published Jun 19, 2025

The Paged Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2025-5686 was published Jun 6, 2025

A Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in ... Moderate Unreviewed

CVE-2025-23393 was published May 27, 2025

IBM Aspera Faspex 5.0.0 through 5.0.12 is vulnerable to HTML injection. A remote attacker could... Moderate Unreviewed

CVE-2025-33138 was published May 22, 2025

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE)... Moderate Unreviewed

CVE-2025-20267 was published May 21, 2025

IBM Content Navigator 3.0.11, 3.0.15, and 3.1.0 is vulnerable to HTML injection. A remote... Moderate Unreviewed

CVE-2024-51475 was published May 16, 2025

The EG-Series plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ... Moderate Unreviewed

CVE-2025-4126 was published May 15, 2025

The Subpage List plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin... Moderate Unreviewed

CVE-2025-4168 was published May 3, 2025

The Team Members – Best WordPress Team Plugin with Team Slider, Team Showcase & Team Builder... Moderate Unreviewed

CVE-2025-3521 was published May 1, 2025

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in... Moderate Unreviewed

CVE-2025-39524 was published Apr 16, 2025

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in... Moderate Unreviewed

CVE-2025-32230 was published Apr 10, 2025

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in... Moderate Unreviewed

CVE-2025-32200 was published Apr 4, 2025

HCL DevOps Deploy / HCL Launch is vulnerable to HTML injection. This vulnerability may allow a... Moderate Unreviewed

CVE-2025-0272 was published Apr 3, 2025

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in... Moderate Unreviewed

CVE-2025-30676 was published Apr 1, 2025

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in... Moderate Unreviewed

CVE-2025-31575 was published Mar 31, 2025

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in... Moderate Unreviewed

CVE-2025-31604 was published Mar 31, 2025

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in... Moderate Unreviewed

CVE-2025-31465 was published Mar 28, 2025

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in... Moderate Unreviewed

CVE-2025-31075 was published Mar 28, 2025

IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.25, 7.1 through 7.1.2.21, 7.2 through 7.2.3.14, and... Moderate Unreviewed

CVE-2025-1997 was published Mar 27, 2025

Code-projects Online Class and Exam Scheduling System V1.0 is vulnerable to Cross Site Scripting ... Moderate Unreviewed

CVE-2025-29426 was published Mar 17, 2025

Code-projects Online Class and Exam Scheduling System V1.0 is vulnerable to Cross Site Scripting ... Moderate Unreviewed

CVE-2025-29427 was published Mar 17, 2025

Previous 1 2 3 4 5 6 7 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

158 advisories