Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,128
NuGet
735
pip
3,944
Pub
12
RubyGems
945
Rust
1,024
Swift
39
Unreviewed advisories
All unreviewed
5,000+

378 advisories

Loading
Kiwi TCMS Stored Cross-site Scripting via SVG file High
CVE-2023-27489 was published for kiwitcms (pip) Mar 30, 2023
antoniospataro richardfan0606
Streamlit publishes previously-patched Cross-site Scripting vulnerability Moderate
CVE-2023-27494 was published for streamlit (pip) Mar 17, 2023
Cross-site Scripting in django-ajax-utilities Moderate
CVE-2017-20182 was published for django-ajax-utilities (pip) Mar 10, 2023
modoboa Cross-site Scripting vulnerability Moderate
CVE-2023-0949 was published for modoboa (pip) Feb 22, 2023
Stored cross site scripting in changedetection.io Moderate
CVE-2023-24769 was published for changedetection.io (pip) Feb 18, 2023
edoardottt
Mayan EDMS DMS XSS vulnerability Moderate
CVE-2022-47419 was published for mayan-edms (pip) Feb 8, 2023
Cross-site Scripting in modoboa Moderate
CVE-2023-0470 was published for modoboa (pip) Jan 27, 2023
Cross-site Scripting in pyload-ng Moderate
CVE-2023-0488 was published for pyload-ng (pip) Jan 27, 2023
Cross-site Scripting in modoboa Moderate
CVE-2023-0519 was published for modoboa (pip) Jan 27, 2023
Apache Superset vulnerable to Cross-site Scripting Moderate
CVE-2022-43717 was published for apache-superset (pip) Jan 16, 2023
Apache Superset is vulnerable to Cross-Site Scripting (XSS) Moderate
CVE-2022-43718 was published for apache-superset (pip) Jan 16, 2023
LdapCherry Cross-site Scripting vulnerbaility Moderate
CVE-2019-25095 was published for ldapcherry (pip) Jan 5, 2023
django-ucamlookup Cross-site Scripting vulnerability Moderate
CVE-2016-15010 was published for django-ucamlookup (pip) Jan 5, 2023
Graphite Web Cross-site Scripting vulnerability Moderate
CVE-2022-4730 was published for graphite-web (pip) Dec 27, 2022
Graphite Web Cross-site Scripting vulnerability Moderate
CVE-2022-4729 was published for graphite-web (pip) Dec 27, 2022
Graphite Web Cross-site Scripting vulnerability Moderate
CVE-2022-4728 was published for graphite-web (pip) Dec 27, 2022
collective.contact.widget is vulnerable to cross-site scripting Moderate
CVE-2022-4638 was published for collective.contact.widget (pip) Dec 22, 2022
django-photologue vulnerable to Cross-site Scripting Moderate
CVE-2022-4526 was published for django-photologue (pip) Dec 15, 2022
collective.task Cross-site Scripting vulnerability Moderate
CVE-2022-4527 was published for collective.task (pip) Dec 15, 2022
collective.dms.basecontent Cross-site Scripting vulnerability Moderate
CVE-2022-4495 was published for collective.dms.basecontent (pip) Dec 14, 2022
pyRdfa3 Cross-site Scripting vulnerability Moderate
CVE-2022-4396 was published for pyRdfa3 (pip) Dec 10, 2022
XBlock vulnerable to Cross-Site Scripting (XSS) High
CVE-2022-46147 was published for xblock-drag-and-drop-v2 (pip) Dec 2, 2022
Cross-site Scripting in kiwitcms Moderate
CVE-2022-4105 was published for kiwitcms (pip) Nov 21, 2022
Cross Site Scripting vulnerability in wsgidav when directory browsing is enabled High
CVE-2022-41905 was published for wsgidav (pip) Nov 16, 2022
brunnjf
Apache Airflow Cross-site Scripting vulnerability Moderate
CVE-2022-43982 was published for apache-airflow (pip) Nov 2, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database