Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,885
Erlang
37
GitHub Actions
38
Go
2,546
Maven
5,000+
npm
4,212
NuGet
744
pip
3,988
Pub
12
RubyGems
950
Rust
1,038
Swift
45
Unreviewed advisories
All unreviewed
5,000+

37,545 advisories

Loading
Opencast's Paella Player 7 is vulnerable to Cross-Site Scripting Moderate
CVE-2025-61788 was published for org.opencastproject:opencast-common (Maven) Oct 8, 2025
miesgre
Credited to miesgre
SourceCodester Pet Grooming Management Software 1.0 is vulnerable to Cross Site Scripting (XSS)... Moderate Unreviewed
CVE-2025-60318 was published Oct 8, 2025
A vulnerability was determined in SourceCodester Student Grades Management System 1.0. Affected... Moderate Unreviewed
CVE-2025-11485 was published Oct 8, 2025
Configuroweb Sistema Web de Inventario 1.0 is vulnerable to a Stored Cross-Site Scripting (XSS)... Moderate Unreviewed
CVE-2025-60314 was published Oct 8, 2025
Stored cross-site scripting (XSS) vulnerability in Forms in Liferay Portal 7.3.2 through 7.4.3... Moderate Unreviewed
CVE-2025-43830 was published Oct 8, 2025
Multiple cross-site scripting (XSS) vulnerabilities in the Notifications widget in Liferay Portal... Moderate Unreviewed
CVE-2025-43771 was published Oct 8, 2025
Stored cross-site scripting (XSS) vulnerability in diagram type products in Commerce in Liferay... Moderate Unreviewed
CVE-2025-43829 was published Oct 8, 2025
Sourcecodester Link Status Checker 1.0 is vulnerable to a Cross-Site Scripting (XSS) in the Enter... Moderate Unreviewed
CVE-2025-60313 was published Oct 8, 2025
Cross Site Scripting in vaahcms v.2.3.1 allows a remote attacker to execute arbitrary code via... Moderate Unreviewed
CVE-2025-61183 was published Oct 8, 2025
Novel-Plus up to 5.2.4 was discovered to contain a Stored Cross-Site Scripting (XSS)... Moderate Unreviewed
CVE-2025-60298 was published Oct 8, 2025
Cross-site scripting (XSS) vulnerability in the Commerce Product Comparison Table widget in... Moderate Unreviewed
CVE-2025-43821 was published Oct 8, 2025
Novel-Plus with 5.2.0 was discovered to contain a Stored Cross-Site Scripting (XSS) vulnerability... Moderate Unreviewed
CVE-2025-60299 was published Oct 8, 2025
A security flaw has been discovered in itsourcecode Leave Management System 1.0. This impacts the... Moderate Unreviewed
CVE-2025-11433 was published Oct 8, 2025
A security vulnerability has been detected in JhumanJ OpnForm up to 1.9.3. Affected by this... Moderate Unreviewed
CVE-2025-11435 was published Oct 8, 2025
A flaw has been found in JhumanJ OpnForm up to 1.9.3. This affects an unknown part of the file ... Moderate Unreviewed
CVE-2025-11437 was published Oct 8, 2025
A flaw has been found in code-projects Voting System 1.0. The affected element is an unknown... Moderate Unreviewed
CVE-2025-11421 was published Oct 8, 2025
A vulnerability was identified in projectworlds Advanced Library Management System 1.0. Affected... Moderate Unreviewed
CVE-2025-11425 was published Oct 8, 2025
OPEXUS FOIAXpress before 11.13.3.0 allows an administrative user to upload JavaScript or other... Moderate Unreviewed
CVE-2025-61999 was published Oct 8, 2025
OPEXUS FOIAXpress before 11.13.3.0 allows an administrative user to inject JavaScript or other... Moderate Unreviewed
CVE-2025-61998 was published Oct 8, 2025
OPEXUS FOIAXpress before 11.13.3.0 allows an administrative user to inject JavaScript or other... Moderate Unreviewed
CVE-2025-61997 was published Oct 8, 2025
OPEXUS FOIAXpress before 11.13.3.0 allows an administrative user to inject JavaScript or other... Moderate Unreviewed
CVE-2025-61996 was published Oct 8, 2025
Cross-site scripting (XSS) vulnerability in the Commerce Search Result widget in Liferay Portal 7... Moderate Unreviewed
CVE-2025-43823 was published Oct 8, 2025
Multiple stored cross-site scripting (XSS) vulnerabilities in Liferay Portal 7.4.3.15 through 7.4... Moderate Unreviewed
CVE-2025-43822 was published Oct 8, 2025
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2025-3448 was published Oct 7, 2025
A Cross-Site Scripting (XSS) vulnerability was found in the register.php page of PuneethReddyHC... Moderate Unreviewed
CVE-2025-56243 was published Oct 7, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database