GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,083
Erlang: 29
GitHub Actions: 19
Go: 1,909
Maven: 5,000+
npm: 3,644
NuGet: 638
pip: 3,260
Pub: 10
RubyGems: 869
Rust: 820
Swift: 35

Unreviewed advisories
All unreviewed: 5,000+
1,098 advisories
Cross-Site Scripting in @risingstack/protect
Moderate. CVE-2018-1000160 was published for @risingstack/protect (npm), Apr 25, 2018

Cross-Site Scripting in @ckeditor/ckeditor5-link
Moderate. CVE-2018-11093 was published for @ckeditor/ckeditor5-link (npm), May 23, 2018

Incorrect handling of CORS preflight request headers in hapi
Moderate. CVE-2015-9236 was published for hapi (npm), Jun 7, 2018

Information Exposure on Case Insensitive File Systems in serve
Moderate. CVE-2018-3809 was published for serve (npm), Jul 18, 2018

Cross-site Scripting (XSS) - Stored in crud-file-server
Moderate. CVE-2018-3726 was published for crud-file-server (npm), Jul 18, 2018

Invalid Curve Attack in node-jose
Moderate. CVE-2017-16007 was published for node-jose (npm), Jul 20, 2018

Cross-Site Scripting in i18next
Moderate. CVE-2017-16010 was published for i18next (npm), Jul 24, 2018

Regular Expression Denial Of Service in uri-js
Moderate. CVE-2017-16021 was published for uri-js (npm), Jul 24, 2018

Bypassing Sanitization using DOM clobbering in html-janitor
Moderate. CVE-2017-0928 was published for html-janitor (npm), Jul 24, 2018

Regular Expression Denial of Service in slug
Moderate. CVE-2017-16117 was published for slug (npm), Jul 24, 2018

Path Traversal in angular-http-server
Moderate. CVE-2018-3713 was published for angular-http-server (npm), Jul 26, 2018

Stored Cross-Site Scripting in simplehttpserver
Moderate. CVE-2018-3716 was published for simplehttpserver (npm), Jul 26, 2018

Remote Code Execution in markdown-pdf
Moderate. CVE-2018-3770 was published for markdown-pdf (npm), Jul 27, 2018

bracket-template vulnerable to reflected XSS
Moderate. CVE-2018-3735 was published for bracket-template (npm), Jul 27, 2018

Macro in MathJax running untrusted Javascript within a web browser
Moderate. CVE-2018-1999024 was published for mathjax (npm), Jul 27, 2018

Arbitrary File Write via Archive Extraction in unzipper
Moderate. CVE-2018-1002203 was published for unzipper (npm), Jul 27, 2018

Arbitrary File Write in adm-zip
Moderate. CVE-2018-1002204 was published for adm-zip (npm), Jul 27, 2018

Moderate severity vulnerability that affects is-my-json-valid
Moderate. GHSA-ccq6-3qx5-vmqx was published for is-my-json-valid (npm), Jul 31, 2018 • withdrawn

ProTip! Advisories are also available from the GraphQL API.