GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,262
Erlang
31
GitHub Actions
21
Go
2,029
Maven
5,000+
npm
3,732
NuGet
662
pip
3,408
Pub
12
RubyGems
891
Rust
865
Swift
36
Unreviewed advisories
All unreviewed
5,000+
297 advisories
Filter by severity
Moderate severity vulnerability that affects Zope2
Moderate
CVE-2010-1104
was published
for
Zope2
(pip)
Jul 23, 2018
Cross-site Scripting and Open Redirect in Products.CMFPlone
Moderate
GHSA-8w54-22w9-3g8f
was published
for
Products.CMFPlone
(pip)
Jan 28, 2022
Cross-site Scripting and Open Redirect in plone.app.contenttypes
Moderate
GHSA-f7qw-5fgj-247x
was published
for
plone.app.contenttypes
(pip)
Feb 1, 2022
SVG with embedded scripts can lead to cross-site scripting attacks in xml2rfc
Moderate
GHSA-cf4q-4cqr-7g7w
was published
for
xml2rfc
(pip)
Apr 22, 2022
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in pycares
Moderate
GHSA-c58j-88f5-h53f
was published
for
pycares
(pip)
Jul 5, 2022
Apache Superset is vulnerable to Cross-Site Scripting (XSS)
Moderate
CVE-2022-43718
was published
for
apache-superset
(pip)
Jan 16, 2023
Apache Superset vulnerable to Cross-site Scripting
Moderate
CVE-2022-43717
was published
for
apache-superset
(pip)
Jan 16, 2023
Cross-site Scripting in FreeTAKServer-UI
Moderate
CVE-2022-25507
was published
for
FreeTAKServer-UI
(pip)
Mar 12, 2022
Multiple cross-site scripting (XSS) vulnerabilities in Roundup
Moderate
CVE-2012-6133
was published
for
roundup
(pip)
Apr 23, 2022
Cross-site scripting in Contentful
Moderate
CVE-2020-13258
was published
for
contentful
(pip)
Jun 18, 2021
Inventree vulnerable to Stored Cross-site Scripting
Moderate
CVE-2022-3355
was published
for
inventree
(pip)
Sep 30, 2022
Graphite Web Cross-site Scripting vulnerability
Moderate
CVE-2022-4729
was published
for
graphite-web
(pip)
Dec 27, 2022
Graphite Web Cross-site Scripting vulnerability
Moderate
CVE-2022-4728
was published
for
graphite-web
(pip)
Dec 27, 2022
Graphite Web Cross-site Scripting vulnerability
Moderate
CVE-2022-4730
was published
for
graphite-web
(pip)
Dec 27, 2022
Cross-site Scripting in Ericsson CodeChecker
Moderate
CVE-2021-44217
was published
for
codechecker
(pip)
Jan 21, 2022
Cross-site Scripting in kiwitcms
Moderate
CVE-2022-4105
was published
for
kiwitcms
(pip)
Nov 21, 2022
Cross-site Scripting in pyload-ng
Moderate
CVE-2023-0488
was published
for
pyload-ng
(pip)
Jan 27, 2023
OpenStack Swift Cross-site Scriping vulnerability
Moderate
CVE-2014-3497
was published
for
swift
(pip)
May 17, 2022
OpenStack Dashboard (aka Horizon) vulnerable to Cross-site Scripting
Moderate
CVE-2014-0157
was published
for
horizon
(pip)
May 14, 2022
Whatsapp-Chat-Exporter has Cross-Site Scripting vulnerability in HTML output of chats.
Moderate
GHSA-8c6x-g4fw-8rf4
was published
for
Whatsapp-Chat-Exporter
(pip)
Jul 10, 2023
Django REST framework XSS Vulnerability
Moderate
CVE-2018-25045
was published
for
django-rest-framework
(pip)
Jul 24, 2022
Whoogle Search Cross-site Scripting via string parameter
Moderate
CVE-2022-25303
was published
for
whoogle-search
(pip)
Jul 15, 2022
Review Board Cross-site scripting (XSS) vulnerability in the reviews dropdown
Moderate
CVE-2013-2209
was published
for
reviewboard
(pip)
May 17, 2022
Apache Superset Stored XSS on Dashboard markdown
Moderate
CVE-2021-27907
was published
for
apache-superset
(pip)
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API