Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

274 advisories

Loading
Prevent XSS from Confidant API call Moderate
CVE-2024-45793 was published for confidant (pip) Sep 20, 2024
whu-lyft meng-han
alejandroroiz achantavy heryxpc anshumanbh bstewart-lyft reindaelman
Cross-site Scripting in invenio-communities Moderate
CVE-2019-1020005 was published for invenio-communities (pip) Jul 16, 2019
tdunlap607
Improper Neutralization of Input During Web Page Generation in html5lib Moderate
CVE-2016-9909 was published for html5lib (pip) May 17, 2022
Aim Stored XSS through TEXT EXPLORER Moderate
CVE-2024-8863 was published for aim (pip) Sep 16, 2024
Flask-Admin Cross-site Scripting vulnerability Moderate
CVE-2018-16516 was published for flask-admin (pip) Dec 19, 2018
born2discover
Djiblets Cross-site scripting Vulnerability via JSON Objects Moderate
CVE-2014-3994 was published for Djblets (pip) May 17, 2022
Fava vulnerable to reflected cross-site scripting Moderate
CVE-2022-2589 was published for fava (pip) Aug 2, 2022
Fava vulnerable to Reflected Cross-site Scripting Moderate
CVE-2022-2523 was published for fava (pip) Jul 26, 2022
feedparser Cross-site Scripting vulnerability Moderate
CVE-2011-1158 was published for feedparser (pip) Jul 23, 2018
feedparser Cross-site Scripting vulnerability Moderate
CVE-2011-1157 was published for feedparser (pip) Jul 23, 2018
Fava time and filter parameters vulnerable to reflected Cross-site Scripting Moderate
CVE-2022-2514 was published for fava (pip) Jul 26, 2022
feedparser Cross-site Scripting vulnerability Moderate
CVE-2009-5065 was published for feedparser (pip) May 2, 2022
Django Cross-site Scripting in AdminURLFieldWidget Moderate
CVE-2019-12308 was published for Django (pip) Jun 10, 2019
sunSUNQ
XSS in Django Moderate
CVE-2020-13596 was published for Django (pip) Jun 5, 2020
tdunlap607
Cross-site Scripting in Django Moderate
CVE-2022-22818 was published for django (pip) Feb 4, 2022
tdunlap607
Header injection possible in Django Moderate
CVE-2021-32052 was published for Django (pip) Jun 9, 2021
Cross-site Scripting (XSS) in Django REST Framework Moderate
CVE-2020-25626 was published for djangorestframework (pip) Mar 19, 2021
Djblets Cross-site scripting Vulnerability Moderate
CVE-2014-3995 was published for Djblets (pip) May 17, 2022
Django Cross-site Scripting Vulnerability Moderate
CVE-2015-0220 was published for Django (pip) May 17, 2022
Django cross-site scripting (XSS) vulnerability in the AdminURLFieldWidget widget Moderate
CVE-2013-4249 was published for django (pip) May 17, 2022
Django XSS Vulnerability Moderate
CVE-2016-2512 was published for Django (pip) May 17, 2022
MarkLee131
Django cross-site scripting (XSS) vulnerability via is_safe_url function Moderate
CVE-2013-6044 was published for Django (pip) May 17, 2022
Django cross-site scripting (XSS) attack via user-supplied redirect URLs Moderate
CVE-2015-2317 was published for Django (pip) May 14, 2022
MarkLee131
Django vulnerable to XSS on 500 pages Moderate
CVE-2017-12794 was published for Django (pip) Jan 4, 2019
MarkLee131
Django Cross-site Scripting Vulnerability Moderate
CVE-2015-2241 was published for django (pip) May 17, 2022
ProTip! Advisories are also available from the GraphQL API