Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
38
Go
2,781
Maven
5,000+
npm
4,386
NuGet
772
pip
4,164
Pub
12
RubyGems
965
Rust
1,073
Swift
45
Unreviewed advisories
All unreviewed
5,000+

308,666 advisories

Loading
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-62917 was published Oct 27, 2025
Missing Authorization vulnerability in Horea Radu One Page Express Companion one-page-express... Moderate Unreviewed
CVE-2025-62052 was published Oct 22, 2025
Missing Authorization vulnerability in Repuso Social proof testimonials and reviews by Repuso... Moderate Unreviewed
CVE-2025-62071 was published Oct 22, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-62069 was published Oct 22, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-62923 was published Oct 27, 2025
Missing Authorization vulnerability in everestthemes Everest Backup everest-backup allows... High Unreviewed
CVE-2025-62946 was published Oct 27, 2025
Missing Authorization vulnerability in StellarWP Event Tickets event-tickets.This issue affects... Moderate Unreviewed
CVE-2025-62027 was published Oct 22, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-62042 was published Oct 22, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-62015 was published Oct 22, 2025
Missing Authorization vulnerability in WPMU DEV - Your All-in-One WordPress Platform SmartCrawl... Moderate Unreviewed
CVE-2025-62048 was published Oct 22, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-62024 was published Oct 22, 2025
Improper Control of Generation of Code ('Code Injection') vulnerability in Cristián Lávaque... Critical Unreviewed
CVE-2025-62023 was published Oct 22, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-62058 was published Oct 22, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-62060 was published Oct 22, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Mejar WP Business Hours wp-business-hours... High Unreviewed
CVE-2025-62934 was published Oct 27, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-62941 was published Oct 27, 2025
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed
CVE-2025-62029 was published Oct 22, 2025
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed
CVE-2025-62054 was published Oct 22, 2025
Cross-Site Request Forgery (CSRF) vulnerability in impleCode Product Catalog Simple post-type-x... Moderate Unreviewed
CVE-2025-62061 was published Oct 22, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Eduard Pinuaga Linares Did Prestashop Display... High Unreviewed
CVE-2025-62945 was published Oct 27, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-62899 was published Oct 27, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-62930 was published Oct 27, 2025
Deserialization of Untrusted Data vulnerability in BoldThemes Addison addison allows Object... Moderate Unreviewed
CVE-2025-60216 was published Oct 22, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Moderate Unreviewed
CVE-2025-60217 was published Oct 22, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2025-60227 was published Oct 22, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database