Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,835
Erlang
36
GitHub Actions
33
Go
2,452
Maven
5,000+
npm
4,077
NuGet
723
pip
3,868
Pub
12
RubyGems
943
Rust
1,010
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

32,707 advisories

Loading
Group-Office versions prior to 6.8.119 and prior to 25.0.20 provided by Intermesh BV contain a... Moderate Unreviewed
CVE-2025-53504 was published Aug 21, 2025
The SlingBlocks – Gutenberg Blocks by FunnelKit (Formerly WooFunnels) plugin for WordPress is... Moderate Unreviewed
CVE-2025-8607 was published Aug 21, 2025
A reflected cross-site scripting (XSS) vulnerability in the Liferay Portal 7.4.0 through 7.4.3... Moderate Unreviewed
CVE-2025-43746 was published Aug 20, 2025
A reflected cross-site scripting (XSS) vulnerability in the Liferay Portal 7.4.0 through 7.4.3... Moderate Unreviewed
CVE-2025-43757 was published Aug 20, 2025
Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site... Moderate Unreviewed
CVE-2025-46932 was published Aug 20, 2025
Adobe Experience Manager versions 6.5.22 and earlier are affected by a DOM-based Cross-Site... Moderate Unreviewed
CVE-2025-46856 was published Aug 20, 2025
A flaw has been found in Scada-LTS up to 2.7.8.1. The impacted element is an unknown function of... Moderate Unreviewed
CVE-2025-9235 was published Aug 20, 2025
Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site... Moderate Unreviewed
CVE-2025-46849 was published Aug 20, 2025
A vulnerability was found in CodeAstro Ecommerce Website 1.0. This impacts an unknown function of... Moderate Unreviewed
CVE-2025-9237 was published Aug 20, 2025
Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site... Moderate Unreviewed
CVE-2025-46962 was published Aug 20, 2025
Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site... Moderate Unreviewed
CVE-2025-46852 was published Aug 20, 2025
Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site... Moderate Unreviewed
CVE-2025-46998 was published Aug 20, 2025
Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site... Moderate Unreviewed
CVE-2025-46936 was published Aug 20, 2025
A security vulnerability has been detected in Scada-LTS up to 2.7.8.1. Impacted is an unknown... Moderate Unreviewed
CVE-2025-9233 was published Aug 20, 2025
A vulnerability was detected in Scada-LTS up to 2.7.8.1. The affected element is an unknown... Moderate Unreviewed
CVE-2025-9234 was published Aug 20, 2025
Adobe Experience Manager versions 6.5.22 and earlier are affected by a DOM-based Cross-Site... Moderate Unreviewed
CVE-2025-47054 was published Aug 20, 2025
XWiki through version 17.3.0 is vulnerable to Server-Side Template Injection (SSTI) in the... High Unreviewed
CVE-2025-51991 was published Aug 20, 2025
XWiki through version 17.3.0 is affected by multiple stored Cross-Site Scripting (XSS)... Moderate Unreviewed
CVE-2025-51990 was published Aug 20, 2025
QuickCMS.EXT is vulnerable to Reflected XSS in sFileName parameter in thumbnail viewer... Moderate Unreviewed
CVE-2025-54175 was published Aug 20, 2025
QuickCMS is vulnerable to Stored XSS in sTitle parameter in page editor functionality. Malicious... Moderate Unreviewed
CVE-2025-54172 was published Aug 20, 2025
In JetBrains YouTrack before 2025.2.92387 stored XSS was possible via Mermaid diagram content High Unreviewed
CVE-2025-57731 was published Aug 20, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-54670 was published Aug 20, 2025
Stored cross-site scripting (XSS) in the web interface of MiR software versions prior to 3.0.0 on... Moderate Unreviewed
CVE-2025-9225 was published Aug 20, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-54032 was published Aug 20, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-54027 was published Aug 20, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database