Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,119
NuGet
735
pip
3,941
Pub
12
RubyGems
945
Rust
1,018
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,296 advisories

Loading
Bootstrap Vulnerable to Cross-Site Scripting Moderate
CVE-2019-8331 was published for Bootstrap.Less (RubyGems) Feb 22, 2019
uap-core Regular Expression Denial of Service issue Moderate
CVE-2018-20164 was published for uap-core (npm) Mar 6, 2019
Cross-Site Scripting in editor.md Moderate
CVE-2019-9737 was published for editor.md (npm) Mar 14, 2019
Moderate severity vulnerability that affects total.js Moderate
CVE-2019-10260 was published for total.js (npm) Apr 2, 2019
Materialize-css vulnerable to Improper Neutralization of Input During Web Page Generation Moderate
CVE-2019-11004 was published for @materializecss/materialize (npm) Apr 9, 2019
ajaymahadeven
Materialize-css vulnerable to Cross-site Scripting in autocomplete component Moderate
CVE-2019-11003 was published for @materializecss/materialize (npm) Apr 9, 2019
erik-krogh
Materialize-css vulnerable to Cross-site Scripting in tooltip component Moderate
CVE-2019-11002 was published for @materializecss/materialize (npm) Apr 9, 2019
Cross-Site Scripting in simple-markdown Moderate
CVE-2019-9844 was published for simple-markdown (npm) Apr 9, 2019
Duplicate Advisory: Prototype Pollution in jquery Moderate
CVE-2019-5428 was published for jquery (RubyGems) Apr 23, 2019 withdrawn
kurt-r2c
XSS in jQuery as used in Drupal, Backdrop CMS, and other products Moderate
CVE-2019-11358 was published for django (RubyGems) Apr 26, 2019
klaudialax eoftedal
Rudloff
Cross-site Scripting in NodeBB Moderate
CVE-2015-9286 was published for nodebb (npm) May 1, 2019
Cross-Site Scripting in simditor Moderate
CVE-2018-19048 was published for simditor (npm) May 14, 2019
Cross-Site Scripting in webpack-bundle-analyzer Moderate
GHSA-pgr8-jg6h-8gw6 was published for webpack-bundle-analyzer (npm) May 23, 2019
tdunlap607
mysql Node.JS Module Vulnerable to Remote Memory Exposure Moderate
GHSA-5f7m-mmpc-qhh4 was published for mysql (npm) May 23, 2019
Cryptographically Weak PRNG in generate-password Moderate
GHSA-6qqf-vvcr-7qrv was published for generate-password (npm) May 23, 2019
Cross-Site Scripting (XSS) in Verdaccio Moderate
CVE-2019-14772 was published for verdaccio (npm) May 29, 2019
evilpacket
Cross-site Scripting in remarkable Moderate
CVE-2019-12043 was published for remarkable (npm) May 29, 2019
LeSuisse
Cross-Site Scripting in shave Moderate
CVE-2019-12313 was published for shave (npm) May 29, 2019
Out-of-bounds Read in concat-with-sourcemaps Moderate
GHSA-2xv3-h762-ccxv was published for concat-with-sourcemaps (npm) May 29, 2019
Reflected Cross-Site Scripting in jquery.terminal Moderate
GHSA-2hwp-g4g7-mwwj was published for jquery.terminal (npm) May 29, 2019
Cross-Site Scripting in bootbox Moderate
GHSA-87mg-h5r3-hw88 was published for bootbox (npm) May 30, 2019
Memory Exposure in tunnel-agent Moderate
GHSA-xc7v-wxcw-j472 was published for tunnel-agent (npm) Jun 3, 2019
Memory Exposure in concat-stream Moderate
GHSA-g74r-ffvr-5q9f was published for concat-stream (npm) Jun 3, 2019
Memory Exposure in bl Moderate
GHSA-wrw9-m778-g6mc was published for bl (npm) Jun 3, 2019
Remote Memory Exposure in floody Moderate
GHSA-3p92-886g-qxpq was published for floody (npm) Jun 4, 2019
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database