Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,154
NuGet
736
pip
3,953
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+

3,890 advisories

Loading
DOM-based XSS in gmail-js High
CVE-2016-1000228 was published for gmail-js (npm) Sep 1, 2020
Cross-Site Scripting in swagger-ui Critical
CVE-2016-5682 was published for swagger-ui (npm) Sep 1, 2020
Cross-Site Scripting in bootstrap-tagsinput High
CVE-2016-1000227 was published for bootstrap-tagsinput (npm) Sep 1, 2020
Cross-Site Scripting in swagger-ui Critical
CVE-2016-1000226 was published for swagger-ui (npm) Sep 1, 2020
Cross-Site Scripting in dojo Moderate
CVE-2008-6681 was published for dojo (npm) Sep 1, 2020
Multiple Content Injection Vulnerabilities in marked Moderate
CVE-2014-3743 was published for marked (npm) Aug 31, 2020
DataTable Vulnerable to Cross-Site Scripting High
CVE-2015-6584 was published for datatables (Composer) Aug 31, 2020
methodOverride Middleware Reflected Cross-Site Scripting in connect Low
CVE-2013-7370 was published for connect (npm) Aug 31, 2020
Cross Site Scripting and RCE in baserCMS Low
CVE-2020-15159 was published for baserproject/basercms (Composer) Aug 28, 2020
stypr
Cross-Site Scripting in dompurify Moderate
CVE-2019-16728 was published for dompurify (npm) Aug 28, 2020
Cross-Site Scripting in @novnc/novnc Moderate
CVE-2017-18635 was published for @novnc/novnc (npm) Aug 28, 2020
Cross Site Scripting(XSS) Vulnerability in Latest Release 4.3.6 Site basic settings Low
CVE-2020-15155 was published for baserproject/basercms (Composer) Aug 28, 2020
Aquilao
Cross Site Scripting in baserCMS Low
CVE-2020-15154 was published for baserproject/basercms (Composer) Aug 28, 2020
Aquilao
Cross-Site Scripting in highcharts High
GHSA-gr4j-r575-g665 was published for highcharts (npm) Aug 25, 2020
Windforce17
DOM-based XSS in auth0-lock Low
CVE-2020-15119 was published for auth0-lock (npm) Aug 19, 2020
mvisat
Cross-Site Scripting in @progress/kendo-angular-editor High
GHSA-j7wp-vjj6-cp5m was published for @progress/kendo-angular-editor (npm) Aug 11, 2020
Cross-site scripting vulnerability in TinyMCE Moderate
CVE-2020-12648 was published for tinymce (npm) Aug 11, 2020
tdunlap607
Cross-Site Scripting in Prism High
CVE-2020-15138 was published for prismjs (npm) Aug 7, 2020
masatokinugawa
XSS via JQLite DOM manipulation functions in AngularJS Moderate
GHSA-5cp4-xmrw-59wf was published for angular (npm) Aug 5, 2020
koto masatokinugawa
Stored XSS in October Low
CVE-2020-11083 was published for october/backend (Composer) Aug 5, 2020
staz0t
Cross-site Scripting vulnerability in Kitodo.Presentation Moderate
CVE-2020-16095 was published for kitodo/presentation (Composer) Jul 31, 2020
ohader
Stored XSS in Apache Airflow Moderate
CVE-2020-9485 was published for apache-airflow (pip) Jul 27, 2020
Multiple stored XSS in RBAC Admin screens in Apache Airflow Moderate
CVE-2020-11983 was published for apache-airflow (pip) Jul 27, 2020
Cross-Site Scripting in Wagtail High
CVE-2020-15118 was published for wagtail (pip) Jul 20, 2020
acarasimon96
Stored XSS in TimelineJS3 High
CVE-2020-15092 was published for @knight-lab/timelinejs (npm) Jul 9, 2020
captainGeech42 JoeGermuska
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database