GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
114 advisories
Filter by severity
Cross-Site Scripting in bracket-template
High
GHSA-jj6g-7j8p-7gf2
was published
for
bracket-template
(npm)
May 30, 2019
Cross-Site Scripting in react-svg
High
GHSA-8xqr-4cpm-wx7g
was published
for
react-svg
(npm)
May 31, 2019
Cross-Site Scripting (XSS) in cloudcmd
High
GHSA-m8fw-534v-xm85
was published
for
cloudcmd
(npm)
Jun 4, 2019
Cross-Site Scripting in ids-enterprise
High
GHSA-crfx-5phg-hmw9
was published
for
ids-enterprise
(npm)
Jun 13, 2019
Cross-Site Scripting in ids-enterprise
High
GHSA-hpfq-8wx8-cgqw
was published
for
ids-enterprise
(npm)
Jun 13, 2019
Cross-Site Scripting in ids-enterprise
High
GHSA-49r3-3h96-rwj6
was published
for
ids-enterprise
(npm)
Jun 13, 2019
Cross-site scripting vulnerability in TinyMCE
High
CVE-2020-17480
was published
for
tinymce
(npm)
Jan 30, 2020
Reflected XSS in GraphQL Playground
High
CVE-2020-4038
was published
for
graphql-playground-html
(npm)
Jun 9, 2020
Stored XSS in TimelineJS3
High
CVE-2020-15092
was published
for
@knight-lab/timelinejs
(npm)
Jul 9, 2020
Cross-Site Scripting in @progress/kendo-angular-editor
High
GHSA-j7wp-vjj6-cp5m
was published
for
@progress/kendo-angular-editor
(npm)
Aug 11, 2020
Cross-Site Scripting in highcharts
High
GHSA-gr4j-r575-g665
was published
for
highcharts
(npm)
Aug 25, 2020
DataTable Vulnerable to Cross-Site Scripting
High
CVE-2015-6584
was published
for
datatables
(Composer)
Aug 31, 2020
Cross-Site Scripting in bootstrap-tagsinput
High
CVE-2016-1000227
was published
for
bootstrap-tagsinput
(npm)
Sep 1, 2020
XSS in client rendered block templates in rendr
High
CVE-2016-1000230
was published
for
rendr
(npm)
Sep 1, 2020
ProTip!
Advisories are also available from the
GraphQL API