GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
379 advisories
Multiple cross-site scripting (XSS) vulnerabilities in Roundup
Moderate, CVE-2012-6133 was published for roundup (pip), Apr 23, 2022

SVG with embedded scripts can lead to cross-site scripting attacks in xml2rfc
Moderate, GHSA-cf4q-4cqr-7g7w was published for xml2rfc (pip), Apr 22, 2022

Cross-site scripting in markdown2 for python
Moderate, CVE-2009-3724 was published for markdown2 (pip), Apr 21, 2022

Cross-site Scripting in FreeTAKServer-UI
Moderate, CVE-2022-25507 was published for FreeTAKServer-UI (pip), Mar 12, 2022

Apache Airflow Cross-site Scripting Vulnerability
Moderate, CVE-2021-45229 was published for apache-airflow (pip), Feb 26, 2022

Cross-site Scripting in Weblate
Moderate, CVE-2022-24710 was published for Weblate (pip), Feb 25, 2022

Cross-site Scripting and Open Redirect in plone.app.contenttypes
Moderate, GHSA-f7qw-5fgj-247x was published for plone.app.contenttypes (pip), Feb 1, 2022

Cross-site Scripting in calibreweb
Moderate, CVE-2022-0352 was published for calibreweb (pip), Jan 29, 2022

Cross-site Scripting and Open Redirect in Products.CMFPlone
Moderate, GHSA-8w54-22w9-3g8f was published for Products.CMFPlone (pip), Jan 28, 2022

Cross-site Scripting and Open Redirect in Products.ATContentTypes
Moderate, CVE-2022-23599 was published for Products.ATContentTypes (pip), Jan 28, 2022

calibre-web is vulnerable to Cross-site Scripting
Moderate, CVE-2021-4170 was published for calibreweb (pip), Jan 21, 2022

Cross-site Scripting in Ericsson CodeChecker
Moderate, CVE-2021-44217 was published for codechecker (pip), Jan 21, 2022

OTF-001: Improper Input Sanitation: The path parameter of the requested URL is not sanitized before being passed to the QT frontend
Moderate, CVE-2022-21690 was published for onionshare-cli (pip), Jan 21, 2022

Cross-site Scripting in django-cms
Moderate, CVE-2021-44649 was published for django-cms (pip), Jan 13, 2022

lxml's HTML Cleaner allows crafted and SVG embedded scripts to pass through
Moderate, CVE-2021-43818 was published for lxml (pip), Dec 13, 2021

Cross-site Scripting in python-cjson
Moderate, CVE-2009-4924 was published for python-cjson (pip), Dec 6, 2021

django-helpdesk is vulnerable to Cross-site Scripting
High, CVE-2021-3994 was published for django-helpdesk (pip), Dec 3, 2021

Cross-site Scripting in django-wiki
Moderate, CVE-2021-25986 was published for wiki (pip), Dec 2, 2021

Cross-site Scripting in django-helpdesk
High, CVE-2021-3950 was published for django-helpdesk (pip), Nov 23, 2021

Cross-site Scripting in django-helpdesk
High, CVE-2021-3945 was published for django-helpdesk (pip), Nov 15, 2021

Cross-site scripting vulnerability in TinyMCE plugins
Moderate, CVE-2024-21910 was published for TinyMCE (Composer), Nov 2, 2021