Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,873
Erlang
37
GitHub Actions
36
Go
2,518
Maven
5,000+
npm
4,156
NuGet
736
pip
3,955
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+

3,891 advisories

Loading
Cross-Site Scripting in ternary conditional operator Moderate
CVE-2020-15241 was published for typo3/cms (Composer) Oct 8, 2020
billdagou NamelessCoder
Android WebView Universal Cross-site Scripting Moderate
CVE-2020-6506 was published for react-native-webview (npm) Oct 2, 2020
alesandroortiz
Non-persistent XSS in the Storefront in Shopware Low
GHSA-qvhr-55hg-3qwv was published for shopware/core (Composer) Sep 23, 2020
z1tr0t3c
Potential XSS in jQuery dependency in Mirador Moderate
GHSA-hgwm-pv9h-q5m7 was published for mirador (npm) Sep 18, 2020
Potential XSS injection In PrestaShop contactform High
CVE-2020-15178 was published for prestashop/contactform (Composer) Sep 15, 2020
Cross-Site Scripting in swagger-ui Moderate
GHSA-w992-2gmj-9xxj was published for swagger-ui (npm) Sep 11, 2020
Cross-Site Scripting in swagger-ui Moderate
GHSA-22q9-hqm5-mhmc was published for swagger-ui (npm) Sep 11, 2020
Cross-Site Scripting in node-red High
GHSA-5g6j-8hv4-vfgj was published for node-red (npm) Sep 11, 2020
Cross-Site Scripting in swagger-ui Moderate
GHSA-vp93-gcx5-4w52 was published for swagger-ui (npm) Sep 11, 2020
Cross-Site Scripting in swagger-ui Moderate
GHSA-388g-jwpg-x6j4 was published for swagger-ui (npm) Sep 11, 2020
Cross-Site Scripting in serve Moderate
GHSA-cpgr-wmr9-qxv4 was published for serve (npm) Sep 11, 2020
Cross-Site Scripting in swagger-ui Moderate
GHSA-4f9m-pxwh-68hg was published for swagger-ui (npm) Sep 11, 2020
tdunlap607
Cross-Site Scripting in diagram-js-direct-editing Moderate
GHSA-j8r2-2x94-2q67 was published for diagram-js-direct-editing (npm) Sep 11, 2020
Cross-Site Scripting in diagram-js Moderate
GHSA-8fw4-xh83-3j6q was published for diagram-js (npm) Sep 11, 2020
tdunlap607
Cross-Site Scripting in dojo Moderate
CVE-2015-5654 was published for dojo (npm) Sep 11, 2020
Command Injection in wizard-syncronizer Moderate
GHSA-wgw3-gf4p-62xc was published for wizard-syncronizer (npm) Sep 11, 2020
Cross-Site Scripting in serve High
GHSA-xw79-hhv6-578c was published for serve (npm) Sep 11, 2020
XSS in Action View Moderate
CVE-2020-15169 was published for actionview (RubyGems) Sep 11, 2020
jonathanhefner
Privilege Escalation in cordova-plugin-inappbrowser Critical
CVE-2019-0219 was published for cordova-plugin-inappbrowser (npm) Sep 4, 2020
Cross-Site Scripting in markdown-it-katex High
GHSA-5ff8-jcf9-fw62 was published for markdown-it-katex (npm) Sep 4, 2020
Cross-Site Scripting in @hapi/boom Moderate
GHSA-2ggq-vfcp-gwhj was published for @hapi/boom (npm) Sep 4, 2020
tdunlap607
Cross-Site Scripting in atlasboard-atlassian-package High
GHSA-25v4-mcx4-hh35 was published for atlasboard-atlassian-package (npm) Sep 4, 2020
Cross-Site Scripting in nextcloud-vue-collections High
GHSA-whv6-rj84-2vh2 was published for nextcloud-vue-collections (npm) Sep 4, 2020
Cross-Site Scripting in react Moderate
CVE-2013-7035 was published for react (npm) Sep 4, 2020
tdunlap607
Cross-Site Scripting in react High
GHSA-hg79-j56m-fxgv was published for react (npm) Sep 4, 2020
apostolos
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database