GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
27,836 advisories
Filter by severity
Moderate severity vulnerability that affects mayan-edms
Moderate
CVE-2018-16407
was published
for
mayan-edms
(pip)
Sep 6, 2018
Moderate severity vulnerability that affects mayan-edms
Moderate
CVE-2018-16406
was published
for
mayan-edms
(pip)
Sep 6, 2018
Moderate severity vulnerability that affects org.owasp.antisamy:antisamy
Moderate
CVE-2016-10006
was published
for
org.owasp.antisamy:antisamy
(Maven)
Oct 18, 2018
Cross Site Scripting (XSS) in plotly.js
Moderate
CVE-2017-1000006
was published
for
plotly.js
(npm)
Oct 24, 2017
Cross-Site Scripting in editor.md
Moderate
CVE-2019-9737
was published
for
editor.md
(npm)
Mar 14, 2019
Moderate severity vulnerability that affects moin
Moderate
CVE-2017-5934
was published
for
moin
(pip)
Jan 4, 2019
Moderate severity vulnerability that affects validator
Moderate
CVE-2013-7453
was published
for
validator
(npm)
Oct 24, 2017
XSS Filter Bypass via Encoded URL in validator
Moderate
CVE-2014-9772
was published
for
validator
(npm)
Nov 6, 2018
Cross-Site Scripting in keystone
Moderate
CVE-2017-15878
was published
for
keystone
(npm)
Nov 15, 2017
Cross-Site Scripting in nunjucks
Moderate
CVE-2016-10547
was published
for
nunjucks
(npm)
Nov 6, 2018
Moderate severity vulnerability that affects total.js
Moderate
CVE-2019-10260
was published
for
total.js
(npm)
Apr 2, 2019
Cross-Site Scripting in keystone
Moderate
CVE-2017-15881
was published
for
keystone
(npm)
Nov 16, 2017
Moderate severity vulnerability that affects roundup
Moderate
CVE-2019-10904
was published
for
roundup
(pip)
Apr 9, 2019
Cross-Site Scripting in handlebars
Moderate
CVE-2015-8861
was published
for
handlebars
(npm)
Oct 23, 2018
VBScript Content Injection in marked
Moderate
CVE-2015-1370
was published
for
marked
(npm)
Oct 24, 2017
Cross-Site Scripting in morris.js
Moderate
CVE-2017-16022
was published
for
morris.js
(npm)
Nov 9, 2018
Low severity vulnerability that affects Plone
Low
CVE-2011-1949
was published
for
Plone
(pip)
Jul 23, 2018
Cross-Site Scripting in serialize-javascript
Moderate
CVE-2019-16769
was published
for
serialize-javascript
(npm)
Dec 5, 2019
Moderate severity vulnerability that affects DotNetNuke.Core
Moderate
CVE-2015-1566
was published
for
DotNetNuke.Core
(NuGet)
Oct 16, 2018
Cross-Site Scripting in @risingstack/protect
Moderate
CVE-2018-1000160
was published
for
@risingstack/protect
(npm)
Apr 25, 2018
Moderate severity vulnerability that affects mayan-edms
Moderate
CVE-2018-16405
was published
for
mayan-edms
(pip)
Sep 6, 2018
Moderate severity vulnerability that affects org.apache.jspwiki:jspwiki-main
Moderate
CVE-2019-0224
was published
for
org.apache.jspwiki:jspwiki-main
(Maven)
Apr 2, 2019
ProTip!
Advisories are also available from the
GraphQL API