GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,246
Erlang
31
GitHub Actions
21
Go
2,010
Maven
5,000+
npm
3,719
NuGet
662
pip
3,391
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
424 advisories
Filter by severity
Cross-Site Scripting in react-svg
High
GHSA-8xqr-4cpm-wx7g
was published
for
react-svg
(npm)
May 31, 2019
Cross-Site Scripting in bracket-template
High
GHSA-jj6g-7j8p-7gf2
was published
for
bracket-template
(npm)
May 30, 2019
Cross-Site Scripting in ids-enterprise
High
GHSA-49r3-3h96-rwj6
was published
for
ids-enterprise
(npm)
Jun 13, 2019
Cross-Site Scripting in ids-enterprise
High
GHSA-hpfq-8wx8-cgqw
was published
for
ids-enterprise
(npm)
Jun 13, 2019
Cross-Site Scripting (XSS) in cloudcmd
High
GHSA-m8fw-534v-xm85
was published
for
cloudcmd
(npm)
Jun 4, 2019
Cross-Site Scripting in ids-enterprise
High
GHSA-crfx-5phg-hmw9
was published
for
ids-enterprise
(npm)
Jun 13, 2019
XSS in enshrined/svg-sanitize due to mishandled script and data values in attributes
High
CVE-2019-18857
was published
for
enshrined/svg-sanitize
(Composer)
Jan 8, 2020
Reflected XSS in GraphQL Playground
High
CVE-2020-4038
was published
for
graphql-playground-html
(npm)
Jun 9, 2020
Stored XSS in TimelineJS3
High
CVE-2020-15092
was published
for
@knight-lab/timelinejs
(npm)
Jul 9, 2020
Cross-Site Scripting in @progress/kendo-angular-editor
High
GHSA-j7wp-vjj6-cp5m
was published
for
@progress/kendo-angular-editor
(npm)
Aug 11, 2020
Cross-Site Scripting (XSS) in pivottable
High
CVE-2016-1000241
was published
for
pivottable
(npm)
Sep 1, 2020
Cross-Site Scripting in bootstrap-tagsinput
High
CVE-2016-1000227
was published
for
bootstrap-tagsinput
(npm)
Sep 1, 2020
Cross-Site Scripting in node-red
High
GHSA-5g6j-8hv4-vfgj
was published
for
node-red
(npm)
Sep 11, 2020
Cross-Site Scripting in react-marked-markdown
High
GHSA-m7qm-r2r5-f77q
was published
for
react-marked-markdown
(npm)
Sep 1, 2020
Cross-Site Scripting in semantic-ui-search
High
GHSA-p9vv-3945-x93h
was published
for
semantic-ui-search
(npm)
Sep 2, 2020
Cross-Site Scripting in cmmn-js-properties-panel
High
GHSA-vmh4-322v-cfpc
was published
for
cmmn-js-properties-panel
(npm)
Sep 3, 2020
Cross-Site Scripting in bpmn-js-properties-panel
High
GHSA-vpj4-89q8-rh38
was published
for
bpmn-js-properties-panel
(npm)
Sep 3, 2020
Cross-Site Scripting in fomantic-ui
High
GHSA-788m-pj96-7w2c
was published
for
fomantic-ui
(npm)
Sep 2, 2020
ProTip!
Advisories are also available from the
GraphQL API