Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
37
GitHub Actions
36
Go
2,500
Maven
5,000+
npm
4,147
NuGet
735
pip
3,948
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

3,885 advisories

Loading
Cross-site Scripting in Apache Zeppelin Moderate
CVE-2018-1328 was published for org.apache.zeppelin:zeppelin (Maven) Apr 24, 2019
Cross-site Scripting in Eclipse Jetty Moderate
CVE-2019-10241 was published for org.eclipse.jetty:jetty-server (Maven) Apr 23, 2019
Apache Airflow vulnerable to Stored XSS Moderate
CVE-2019-0216 was published for apache-airflow (pip) Apr 12, 2019
sunSUNQ
Cross-Site Scripting in simple-markdown Moderate
CVE-2019-9844 was published for simple-markdown (npm) Apr 9, 2019
Moderate severity vulnerability that affects roundup Moderate
CVE-2019-10904 was published for roundup (pip) Apr 9, 2019
Materialize-css vulnerable to Cross-site Scripting in tooltip component Moderate
CVE-2019-11002 was published for @materializecss/materialize (npm) Apr 9, 2019
Materialize-css vulnerable to Cross-site Scripting in autocomplete component Moderate
CVE-2019-11003 was published for @materializecss/materialize (npm) Apr 9, 2019
erik-krogh
Materialize-css vulnerable to Improper Neutralization of Input During Web Page Generation Moderate
CVE-2019-11004 was published for @materializecss/materialize (npm) Apr 9, 2019
ajaymahadeven
Cross-Site Scripting in buttle High
CVE-2019-5422 was published for buttle (npm) Apr 8, 2019
Moderate severity vulnerability that affects total.js Moderate
CVE-2019-10260 was published for total.js (npm) Apr 2, 2019
Moderate severity vulnerability that affects org.apache.jspwiki:jspwiki-main Moderate
CVE-2019-0224 was published for org.apache.jspwiki:jspwiki-main (Maven) Apr 2, 2019
Cross-Site Scripting in editor.md Moderate
CVE-2019-9737 was published for editor.md (npm) Mar 14, 2019
Apache Airflow vulnerable to Stored XSS Moderate
CVE-2018-20244 was published for apache-airflow (pip) Mar 6, 2019
sunSUNQ
Moderate severity vulnerability that affects org.b3log:symphony Moderate
CVE-2019-9142 was published for org.b3log:symphony (Maven) Mar 6, 2019
Bootstrap Vulnerable to Cross-Site Scripting Moderate
CVE-2019-8331 was published for Bootstrap.Less (RubyGems) Feb 22, 2019
Sanitization bypass using HTML Entities in marked Moderate
CVE-2016-10531 was published for marked (npm) Feb 18, 2019
Cross-Site Scripting in backbone Moderate
CVE-2016-10537 was published for backbone (npm) Feb 18, 2019
Cross-site Scripting in jspwiki-war Moderate
CVE-2018-20242 was published for org.apache.jspwiki:jspwiki-war (Maven) Feb 12, 2019
Cross-Site Scripting in m-server Moderate
CVE-2018-16484 was published for m-server (npm) Feb 7, 2019
Cross-Site Scripting in html-pages Moderate
CVE-2018-16481 was published for html-pages (npm) Feb 7, 2019
Tnantoka/public XSS Vulnerability Moderate
CVE-2018-16480 was published for public (npm) Feb 7, 2019
CRLF Injection in pypiserver Moderate
CVE-2019-6802 was published for pypiserver (pip) Jan 30, 2019
tdunlap607
Apache Airflow vulnerable to XSS Critical
CVE-2017-17836 was published for apache-airflow (pip) Jan 25, 2019
bootstrap Cross-site Scripting vulnerability Moderate
CVE-2018-20677 was published for bootstrap (RubyGems) Jan 17, 2019
tdunlap607
XSS vulnerability that affects bootstrap Moderate
CVE-2018-20676 was published for bootstrap (RubyGems) Jan 17, 2019
tdunlap607
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database