Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

15 advisories

Loading
Cross site scripting in zenml Low
CVE-2024-2171 was published for zenml (pip) Jun 6, 2024
Arbitrary JavaScript execution due to using outdated libraries Low
GHSA-4m3g-6r7g-jv4f was published for gradio_pdf (pip) Jun 5, 2024
isacaya
Fides JavaScript Injection Vulnerability in Privacy Center URL Low
CVE-2023-46126 was published for ethyca-fides (pip) Oct 24, 2023
Zope management interface vulnerable to stored cross site scripting via the title property Low
CVE-2023-44389 was published for Zope (pip) Oct 4, 2023
dataflake drfho
icemac d-maurer
plone.restapi vulnerable to Stored Cross Site Scripting with SVG image in user portrait Low
GHSA-hc5c-r8m5-2gfh was published for plone.restapi (pip) Sep 21, 2023
plone.namedfile vulnerable to Stored Cross Site Scripting with SVG images Low
CVE-2023-41048 was published for plone.namedfile (pip) Sep 21, 2023
msegoviag
Zope vulnerable to Stored Cross Site Scripting with SVG images Low
CVE-2023-42458 was published for Zope (pip) Sep 21, 2023
mauritsvanrees icemac
Cabot Cross Site Scripting (XSS) vulnerability via Endpoint column Low
CVE-2020-7734 was published for cabot (pip) May 24, 2022
Plone Cross-site scripting Vulnerability Low
CVE-2012-5502 was published for plone (pip) May 17, 2022
Loggerhead XSS via filename Low
CVE-2011-0728 was published for loggerhead (pip) May 17, 2022
MoinMoin Cross-site Scripting (XSS) vulnerability Low
CVE-2011-1058 was published for moin (pip) May 17, 2022
OpenStack Horizon Cross-site scripting (XSS) vulnerability Low
CVE-2014-3474 was published for horizon (pip) May 13, 2022
OpenStack Dashboard (Horizon) Cross-site scripting (XSS) vulnerability in the Host Aggregates interface Low
CVE-2014-3594 was published for horizon (pip) May 13, 2022
MoinMoin Cross-site Scripting (XSS) vulnerability Low
CVE-2010-0828 was published for moin (pip) May 2, 2022
Low severity vulnerability that affects Plone Low
CVE-2011-1949 was published for Plone (pip) Jul 23, 2018
ProTip! Advisories are also available from the GraphQL API