Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

27,836 advisories

Loading
Moderate severity vulnerability that affects mayan-edms Moderate
CVE-2018-16407 was published for mayan-edms (pip) Sep 6, 2018
Moderate severity vulnerability that affects mayan-edms Moderate
CVE-2018-16406 was published for mayan-edms (pip) Sep 6, 2018
Moderate severity vulnerability that affects org.owasp.antisamy:antisamy Moderate
CVE-2016-10006 was published for org.owasp.antisamy:antisamy (Maven) Oct 18, 2018
Cross Site Scripting (XSS) in plotly.js Moderate
CVE-2017-1000006 was published for plotly.js (npm) Oct 24, 2017
Cross-Site Scripting in editor.md Moderate
CVE-2019-9737 was published for editor.md (npm) Mar 14, 2019
Moderate severity vulnerability that affects moin Moderate
CVE-2017-5934 was published for moin (pip) Jan 4, 2019
Moderate severity vulnerability that affects validator Moderate
CVE-2013-7453 was published for validator (npm) Oct 24, 2017
Cross-Site Scripting in glance Moderate
CVE-2018-3748 was published for glance (npm) Sep 27, 2018
XSS Filter Bypass via Encoded URL in validator Moderate
CVE-2014-9772 was published for validator (npm) Nov 6, 2018
Cross-Site Scripting in keystone Moderate
CVE-2017-15878 was published for keystone (npm) Nov 15, 2017
Cross-Site Scripting in public Moderate
CVE-2018-3747 was published for public (npm) Oct 10, 2018
Cross-Site Scripting in nunjucks Moderate
CVE-2016-10547 was published for nunjucks (npm) Nov 6, 2018
Moderate severity vulnerability that affects total.js Moderate
CVE-2019-10260 was published for total.js (npm) Apr 2, 2019
Cross-Site Scripting in keystone Moderate
CVE-2017-15881 was published for keystone (npm) Nov 16, 2017
Moderate severity vulnerability that affects roundup Moderate
CVE-2019-10904 was published for roundup (pip) Apr 9, 2019
Cross-Site Scripting in handlebars Moderate
CVE-2015-8861 was published for handlebars (npm) Oct 23, 2018
VBScript Content Injection in marked Moderate
CVE-2015-1370 was published for marked (npm) Oct 24, 2017
Cross-Site Scripting in morris.js Moderate
CVE-2017-16022 was published for morris.js (npm) Nov 9, 2018
Cross-Site Scripting in buttle High
CVE-2019-5422 was published for buttle (npm) Apr 8, 2019
Low severity vulnerability that affects Plone Low
CVE-2011-1949 was published for Plone (pip) Jul 23, 2018
Cross-Site Scripting in serialize-javascript Moderate
CVE-2019-16769 was published for serialize-javascript (npm) Dec 5, 2019
Moderate severity vulnerability that affects DotNetNuke.Core Moderate
CVE-2015-1566 was published for DotNetNuke.Core (NuGet) Oct 16, 2018
Cross-Site Scripting in @risingstack/protect Moderate
CVE-2018-1000160 was published for @risingstack/protect (npm) Apr 25, 2018
Moderate severity vulnerability that affects mayan-edms Moderate
CVE-2018-16405 was published for mayan-edms (pip) Sep 6, 2018
Moderate severity vulnerability that affects org.apache.jspwiki:jspwiki-main Moderate
CVE-2019-0224 was published for org.apache.jspwiki:jspwiki-main (Maven) Apr 2, 2019
ProTip! Advisories are also available from the GraphQL API