Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

13 advisories

Loading
CKEditor4 low-risk cross-site scripting (XSS) vulnerability linked to potential domain takeover Low
CVE-2024-43411 was published for ckeditor4 (npm) Aug 21, 2024
vxe-table Cross-site Scripting vulnerability Low
CVE-2023-1001 was published for vxe-table (npm) May 24, 2024
eslint-detailed-reporter vulnerable to cross-site scripting Low
CVE-2022-4942 was published for eslint-detailed-reporter (npm) Apr 20, 2023
Cross-Site Scripting in serialize-to-js Low
CVE-2019-16772 was published for serialize-to-js (npm) Dec 6, 2019
Cross-site Scripting in dijit editor's LinkDialog plugin Low
CVE-2020-4051 was published for dijit (npm) Jun 15, 2020
Alexxino MikeAnas
XSS in Vega Low
CVE-2020-26296 was published for vega (npm) Dec 30, 2020
jquery.terminal self XSS on user input Low
CVE-2021-43862 was published for jquery.terminal (npm) Jan 6, 2022
Nahiiko
Cross-site Scripting in bootstrap-table Low
CVE-2021-23472 was published for bootstrap-table (npm) Nov 8, 2021
Reflected Cross-Site Scripting in redis-commander Low
GHSA-8c8c-4vfj-rrpc was published for redis-commander (npm) Sep 1, 2020
sseide
methodOverride Middleware Reflected Cross-Site Scripting in connect Low
CVE-2013-7370 was published for connect (npm) Aug 31, 2020
Cross-Site Scripting in express-cart Low
GHSA-9pr3-7449-977r was published for express-cart (npm) Sep 2, 2020
DOM-based XSS in auth0-lock Low
CVE-2020-15119 was published for auth0-lock (npm) Aug 19, 2020
mvisat
Cross-Site Scripting in public Low
GHSA-7jfh-2xc9-ccv7 was published for public (npm) May 31, 2019
ProTip! Advisories are also available from the GraphQL API