Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,350
Erlang
31
GitHub Actions
22
Go
2,119
Maven
5,000+
npm
3,778
NuGet
680
pip
3,459
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

243,818 advisories

Loading
Cross-Site Request Forgery (CSRF) vulnerability in saleandro Songkick Concerts and Festivals... Moderate Unreviewed
CVE-2025-25146 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in djjmz Simple Auto Tag allows Stored XSS. This... High Unreviewed
CVE-2025-25153 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Stanko Metodiev Quote Comments allows Stored... High Unreviewed
CVE-2025-25156 was published Feb 7, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2025-25155 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in scweber Custom Comment Notifications allows... High Unreviewed
CVE-2025-25154 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in gabrieldarezzo InLocation allows Stored XSS.... High Unreviewed
CVE-2025-25166 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Mark Barnes Style Tweaker allows Stored XSS.... High Unreviewed
CVE-2025-25160 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in LukaszWiecek Smart DoFollow allows Stored XSS.... High Unreviewed
CVE-2025-25152 was published Feb 7, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2025-25163 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Danillo Nunes Login-box allows Stored XSS.... High Unreviewed
CVE-2025-25149 was published Feb 7, 2025
Missing Authorization vulnerability in blackandwhitedigital BookPress – For Book Authors allows... High Unreviewed
CVE-2025-25167 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in blackandwhitedigital BookPress – For Book... High Unreviewed
CVE-2025-25168 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Phillip.Gooch Auto SEO allows Stored XSS. This... High Unreviewed
CVE-2025-25147 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Scriptonite Simple User Profile allows Stored... High Unreviewed
CVE-2025-25140 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in ElbowRobo Read More Copy Link allows Stored... High Unreviewed
CVE-2025-25148 was published Feb 7, 2025
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed
CVE-2025-25141 was published Feb 7, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-25159 was published Feb 7, 2025
Missing Authorization vulnerability in Melodic Media Slide Banners allows Exploiting Incorrectly... Moderate Unreviewed
CVE-2025-25120 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in jordan.hatch Infusionsoft Analytics allows... Moderate Unreviewed
CVE-2025-25145 was published Feb 7, 2025
Missing Authorization vulnerability in Metagauss Event Kikfyre allows Exploiting Incorrectly... Moderate Unreviewed
CVE-2025-25110 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in ibasit GlobalQuran allows Cross Site Request... Moderate Unreviewed
CVE-2025-25143 was published Feb 7, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-25151 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in zmseo ZMSEO allows Stored XSS. This issue... High Unreviewed
CVE-2025-25126 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in WP Spell Check WP Spell Check allows Cross... Moderate Unreviewed
CVE-2025-25111 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in bnielsen Indeed API allows Cross Site Request... Moderate Unreviewed
CVE-2025-25103 was published Feb 7, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database