Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,873
Erlang
37
GitHub Actions
36
Go
2,519
Maven
5,000+
npm
4,156
NuGet
736
pip
3,956
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+

37,077 advisories

Loading
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2025-2404 was published Sep 16, 2025
A vulnerability has been found in pojoin h3blog up to 5bf704425ebc11f4c24da51f32f36bb17ae20489.... Moderate Unreviewed
CVE-2025-10485 was published Sep 16, 2025
Liferay Stored Cross-site Scripting vulnerability Moderate
CVE-2025-43802 was published for com.liferay.workspace:com.liferay.ticket.workspace (Maven) Sep 16, 2025
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2025-6947 was published Sep 16, 2025
A Clickjacking vulnerability exists in Rems' Employee Management System 1.0. This flaw allows... Moderate Unreviewed
CVE-2025-57117 was published Sep 16, 2025
Liferay Portal Cross-site Scripting (XSS) vulnerability Moderate
CVE-2025-43800 was published for com.liferay:com.liferay.dynamic.data.mapping.form.field.type (Maven) Sep 15, 2025
Seafile versions 11.0.18-Pro, 12.0.10, and 12.0.10-Pro are vulnerable to a stored Cross-Site... Moderate Unreviewed
CVE-2025-45091 was published Sep 15, 2025
Liferay Portal vulnerable to Cross-site Scripting Moderate
CVE-2025-43791 was published for com.liferay:com.liferay.dynamic.data.mapping.form.field.type (Maven) Sep 15, 2025
Cross Site Scripting (xss) vulnerability in ServitiumCRM 2.10 allowing attackers to execute... Moderate Unreviewed
CVE-2025-56252 was published Sep 15, 2025
Multiple Cross Site Scripting (XSS) vulnerabilities in input fields in Explorance Blue 8.1.2... Moderate Unreviewed
CVE-2025-52344 was published Sep 15, 2025
Stored XSS in n8n LangChain Chat Trigger Node via initialMessages Parameter Moderate
CVE-2025-58177 was published for n8n (npm) Sep 15, 2025
pfelilpe 5h0lm3s
Liferay Portal has stored cross-site scripting (XSS) vulnerability Moderate
CVE-2025-43794 was published for com.liferay.portal:com.liferay.portal.impl (Maven) Sep 15, 2025
Stored cross-site scripting vulnerability in M-Files Hubshare before version 25.8 allows... High Unreviewed
CVE-2025-9826 was published Sep 15, 2025
A vulnerability was identified in IbuyuCMS up to 2.6.3. Impacted is an unknown function of the... Moderate Unreviewed
CVE-2025-10434 was published Sep 15, 2025
A vulnerability was detected in itsourcecode E-Logbook with Health Monitoring System for COVID-19... Moderate Unreviewed
CVE-2025-10411 was published Sep 15, 2025
A vulnerability was identified in Selleo Mentingo 2025.08.27. This issue affects some unknown... Moderate Unreviewed
CVE-2025-10388 was published Sep 14, 2025
A vulnerability was found in Yida ECMS Consulting Enterprise Management System 1.0. This affects... Moderate Unreviewed
CVE-2025-10386 was published Sep 14, 2025
A security vulnerability has been detected in Portabilis i-Educar up to 2.10. The affected... Moderate Unreviewed
CVE-2025-10373 was published Sep 13, 2025
A weakness has been identified in Portabilis i-Educar up to 2.10. Impacted is an unknown function... Moderate Unreviewed
CVE-2025-10372 was published Sep 13, 2025
A vulnerability was found in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected by this issue is... Moderate Unreviewed
CVE-2025-10368 was published Sep 13, 2025
A vulnerability was determined in MiczFlor RPi-Jukebox-RFID up to 2.8.0. This affects an unknown... Moderate Unreviewed
CVE-2025-10369 was published Sep 13, 2025
A vulnerability was identified in MiczFlor RPi-Jukebox-RFID up to 2.8.0. This vulnerability... Moderate Unreviewed
CVE-2025-10370 was published Sep 13, 2025
A vulnerability has been found in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected by this... Moderate Unreviewed
CVE-2025-10367 was published Sep 13, 2025
A flaw has been found in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected is an unknown function... Moderate Unreviewed
CVE-2025-10366 was published Sep 13, 2025
A vulnerability was found in cdevroe unmark up to 1.9.3. Impacted is an unknown function of the... Moderate Unreviewed
CVE-2025-10332 was published Sep 13, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database