GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
378 advisories

Pallets Werkzeug cross-site scripting vulnerability
Moderate: CVE-2016-10516 was published for Werkzeug (pip), May 14, 2022

Airbnb Knowledge Repo XSS In Comments
Moderate: CVE-2018-12104 was published for knowledge-repo (pip), May 14, 2022

Galaxy cross-site scripting (XSS)
Moderate: CVE-2018-1000516 was published for galaxy-app (pip), May 14, 2022

Apache Airflow Reflected Cross-site Scripting vulnerability in 404 Endpoint
Moderate: CVE-2017-12614 was published for apache-airflow (pip), May 14, 2022

Django Cross-site scripting Vulnerability
Moderate: CVE-2016-6186 was published for django (pip), May 14, 2022

Plone Cross-site Scripting (XSS) vulnerability
Moderate: CVE-2016-7139 was published for Plone (pip), May 14, 2022

Plone vulnerable to Cross-site Scripting
Moderate: CVE-2016-7140 was published for Plone (pip), May 14, 2022

OpenStack Dashboard (aka Horizon) vulnerable to Cross-site Scripting
Moderate: CVE-2014-0157 was published for horizon (pip), May 14, 2022

Django cross-site scripting (XSS) attack via user-supplied redirect URLs
Moderate: CVE-2015-2317 was published for Django (pip), May 14, 2022

Improper Neutralization of Input During Web Page Generation in Jupyter Notebook
Moderate: CVE-2015-6938 was published for ipython (pip), May 14, 2022

Ajenti Cross-site Scripting Via Filename
Moderate: CVE-2018-18548 was published for ajenti (pip), May 14, 2022

Improper Neutralization of Input During Web Page Generation in Jupyter Notebook
Moderate: CVE-2019-9644 was published for jupyter-notebook (pip), May 14, 2022

MapProxy vulnerable to cross-site scripting in demo service
Moderate: CVE-2017-1000426 was published for MapProxy (pip), May 13, 2022

Bodhi Cross-site Scripting Vulnerability
Moderate: CVE-2017-1002152 was published for bodhi (pip), May 13, 2022

Improper Neutralization of Input During Web Page Generation in IPython
Moderate: CVE-2015-4707 was published for ipython (pip), May 13, 2022

Kallithea cross-site scripting (XSS) vulnerability
Moderate: CVE-2015-1864 was published for Kallithea (pip), May 13, 2022

Improper Neutralization of Input During Web Page Generation in LXML
Moderate: CVE-2018-19787 was published for lxml (pip), May 13, 2022

Horizon-Orchestration Cross-site scripting (XSS) vulnerability through resource name
Moderate: CVE-2014-3473 was published for horizon (pip), May 13, 2022

OpenStack Horizon Cross-site scripting (XSS) vulnerability
Low: CVE-2014-3474 was published for horizon (pip), May 13, 2022

OpenStack Dashboard (Horizon) Cross-site scripting (XSS) vulnerability in the Host Aggregates interface
Low: CVE-2014-3594 was published for horizon (pip), May 13, 2022

OpenStack Dashboard (Horizon) Cross-site scripting (XSS) vulnerability
Moderate: CVE-2016-4428 was published for horizon (pip), May 13, 2022

ProTip! Advisories are also available from the GraphQL API.