Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,298
Erlang
31
GitHub Actions
21
Go
2,063
Maven
5,000+
npm
3,744
NuGet
668
pip
3,424
Pub
12
RubyGems
892
Rust
876
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,177 advisories

Loading
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-22320 was published Jan 7, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-22355 was published Jan 7, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-22326 was published Jan 7, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-22358 was published Jan 7, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-22324 was published Jan 7, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-22353 was published Jan 7, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-22357 was published Jan 7, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-22359 was published Jan 7, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2024-56289 was published Jan 7, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2024-56299 was published Jan 7, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2024-56296 was published Jan 7, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2024-51700 was published Jan 7, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2024-49633 was published Jan 7, 2025
Improper Neutralization of Input During CMS Backend (adminstrative section) Web Page Generation ... High Unreviewed
CVE-2024-11626 was published Jan 7, 2025
The JoomSport – for Sports: Team & League, Football, Hockey & more plugin for WordPress is... High Unreviewed
CVE-2024-12633 was published Jan 7, 2025
The edit profile function of Grocy through 4.3.0 allows stored XSS and resultant privilege... High Unreviewed
CVE-2024-55074 was published Jan 6, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2024-56014 was published Jan 2, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2024-56267 was published Jan 2, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2024-56023 was published Jan 2, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2024-56026 was published Jan 2, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2024-56022 was published Jan 2, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2024-56024 was published Jan 2, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2024-56025 was published Jan 2, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2024-56018 was published Jan 2, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2024-56037 was published Jan 2, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database