GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,274
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,419
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
556 advisories
Filter by severity
Cross-site Scripting in yapi-vendor
Moderate
CVE-2018-17574
was published
for
yapi-vendor
(npm)
Nov 21, 2018
apollo-server-core vulnerable to URL-based XSS attack affecting IE11 on default landing page
Moderate
GHSA-2fvv-qxrq-7jq6
was published
for
apollo-server-core
(npm)
Aug 18, 2022
Read the Docs vulnerable to Cross-Site Scripting (XSS)
Moderate
GHSA-98pf-gfh3-x3mp
was published
for
readthedocs
(npm)
Nov 10, 2022
Cross-Site Scripting in simditor
Moderate
CVE-2018-19048
was published
for
simditor
(npm)
May 14, 2019
Reflected Cross-Site Scripting in jquery.terminal
Moderate
GHSA-2hwp-g4g7-mwwj
was published
for
jquery.terminal
(npm)
May 29, 2019
Cross-Site Scripting in bootbox
Moderate
GHSA-87mg-h5r3-hw88
was published
for
bootbox
(npm)
May 30, 2019
Cross-Site Scripting in react-svg
High
GHSA-8xqr-4cpm-wx7g
was published
for
react-svg
(npm)
May 31, 2019
Cross-Site Scripting in bracket-template
High
GHSA-jj6g-7j8p-7gf2
was published
for
bracket-template
(npm)
May 30, 2019
Cross-Site Scripting in ids-enterprise
High
GHSA-49r3-3h96-rwj6
was published
for
ids-enterprise
(npm)
Jun 13, 2019
Cross-Site Scripting in ids-enterprise
High
GHSA-hpfq-8wx8-cgqw
was published
for
ids-enterprise
(npm)
Jun 13, 2019
Cross-Site Scripting (XSS) in cloudcmd
High
GHSA-m8fw-534v-xm85
was published
for
cloudcmd
(npm)
Jun 4, 2019
Cross-Site Scripting in ids-enterprise
High
GHSA-crfx-5phg-hmw9
was published
for
ids-enterprise
(npm)
Jun 13, 2019
Cross-Site Scripting via JSONP
Moderate
GHSA-28hp-fgcr-2r4h
was published
for
angular
(npm)
Jun 27, 2019
Cross-Site Scripting in @nuxt/devalue
Moderate
CVE-2019-13506
was published
for
@nuxt/devalue
(npm)
Jul 16, 2019
Cross-Site Scripting in cyberchef
Moderate
CVE-2019-15532
was published
for
cyberchef
(npm)
Aug 27, 2019
Cross-Site Scripting in status-board
Moderate
CVE-2019-15478
was published
for
status-board
(npm)
Sep 23, 2019
Cross-Site Scripting in iobroker.web
Moderate
CVE-2019-10771
was published
for
iobroker.web
(npm)
Dec 2, 2019
Cross-Site Scripting in selectize-plugin-a11y
Moderate
CVE-2019-15482
was published
for
selectize-plugin-a11y
(npm)
Aug 27, 2019
XSS in dojox due to insufficient escape in dojox.xmpp.util.xmlEncode
Moderate
CVE-2019-10785
was published
for
dojox
(npm)
Feb 13, 2020
ProTip!
Advisories are also available from the
GraphQL API