GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
27,837 advisories
Filter by severity
Cross-Site Scripting (XSS) in cloudcmd
High
GHSA-m8fw-534v-xm85
was published
for
cloudcmd
(npm)
Jun 4, 2019
Cross-Site Scripting in JSPWiki
Moderate
CVE-2019-10076
was published
for
org.apache.jspwiki:jspwiki-main
(Maven)
Jun 6, 2019
Cross-site Scripting in JSPWiki
Moderate
CVE-2019-10077
was published
for
org.apache.jspwiki:jspwiki-main
(Maven)
Jun 6, 2019
Cross-site Scriptin in JSPWiki
Moderate
CVE-2019-10078
was published
for
org.apache.jspwiki:jspwiki-main
(Maven)
Jun 6, 2019
Cross-site Scripting in Chartkick
Moderate
CVE-2019-12732
was published
for
chartkick
(RubyGems)
Jun 7, 2019
Cross-site Scripting in HAPI FHIR
Moderate
CVE-2019-12741
was published
for
ca.uhn.hapi.fhir:hapi-fhir-base
(Maven)
Jun 7, 2019
Django Cross-site Scripting in AdminURLFieldWidget
Moderate
CVE-2019-12308
was published
for
Django
(pip)
Jun 10, 2019
Cross-Site Scripting in ids-enterprise
High
GHSA-crfx-5phg-hmw9
was published
for
ids-enterprise
(npm)
Jun 13, 2019
Cross-Site Scripting in ids-enterprise
High
GHSA-hpfq-8wx8-cgqw
was published
for
ids-enterprise
(npm)
Jun 13, 2019
Cross-Site Scripting in ids-enterprise
High
GHSA-49r3-3h96-rwj6
was published
for
ids-enterprise
(npm)
Jun 13, 2019
Cross-Site Scripting via JSONP
Moderate
GHSA-28hp-fgcr-2r4h
was published
for
angular
(npm)
Jun 27, 2019
Cross-Site Scripting in @nuxt/devalue
Moderate
CVE-2019-13506
was published
for
@nuxt/devalue
(npm)
Jul 16, 2019
Cross-site scripting invenio-records
Moderate
CVE-2019-1020003
was published
for
invenio-records
(pip)
Jul 16, 2019
Cross-site Scripting in invenio-previewer
Moderate
CVE-2019-1020019
was published
for
invenio-previewer
(pip)
Jul 16, 2019
Cross-site Scripting in invenio-communities
Moderate
CVE-2019-1020005
was published
for
invenio-communities
(pip)
Jul 16, 2019
Cross-site scripting in CLEditor
Moderate
CVE-2019-1010113
was published
for
CLEditor
(NuGet)
Jul 26, 2019
Cross-Site Scripting in min-http-server
Moderate
CVE-2019-5457
was published
for
min-http-server
(npm)
Jul 31, 2019
Cross-Site Scripting in http-file-server
Moderate
CVE-2019-5458
was published
for
http-file-server
(npm)
Jul 31, 2019
Cross-site scripting in Apache Ranger
Moderate
CVE-2019-12397
was published
for
org.apache.ranger:ranger
(Maven)
Aug 16, 2019
Cross-site scripting in fat_free_crm
Moderate
CVE-2018-20975
was published
for
fat_free_crm
(RubyGems)
Aug 21, 2019
Cross-site scripting in recommender-xblock
Moderate
CVE-2018-20858
was published
for
recommender-xblock
(pip)
Aug 21, 2019
Cross-site Scripting in pandao
Moderate
CVE-2019-14653
was published
for
editor.md
(npm)
Aug 23, 2019
Cross-site Scripting in pandao editor.md
Moderate
CVE-2019-14517
was published
for
editor.md
(npm)
Aug 23, 2019
Cross-Site Scripting in cyberchef
Moderate
CVE-2019-15532
was published
for
cyberchef
(npm)
Aug 27, 2019
Cross-site Scripting in Ignite Realtime Openfire
Moderate
CVE-2019-15488
was published
for
org.igniterealtime.openfire:xmppserver
(Maven)
Aug 27, 2019
ProTip!
Advisories are also available from the
GraphQL API