GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,467 advisories
lxml vulnerable to Cross-Site Scripting. Moderate. CVE-2021-28957 was published for lxml (pip) on Mar 22, 2021.
lxml's HTML Cleaner allows crafted and SVG embedded scripts to pass through. Moderate. CVE-2021-43818 was published for lxml (pip) on Dec 13, 2021.
Creation of Temporary File With Insecure Permissions in logilab-commons. Moderate. CVE-2014-1839 was published for logilab-common (pip) on May 14, 2022.
Lin-CMS-Flask Cross Site Scripting (XSS) vulnerability. Moderate. CVE-2020-18699 was published for lin-cms (pip) on May 24, 2022.
Locust Stored Cross-site Scripting Vulnerability. Moderate. CVE-2020-28364 was published for locust (pip) on May 24, 2022.
Cross-site scripting in LocalStack. Moderate. CVE-2021-32091 was published for localstack (pip) on Jun 18, 2021.
LdapCherry Cross-site Scripting vulnerability. Moderate. CVE-2019-25095 was published for ldapcherry (pip) on Jan 5, 2023.
OpenStack Keystone does not check signature TTL of the EC2 credential auth method. Moderate. CVE-2020-12692 was published for keystone (pip) on May 24, 2022.
Jupyter Notebook XSS via untrusted notebooks. Moderate. CVE-2018-19351 was published for notebook (pip) on Nov 21, 2018.
Moderate severity vulnerability that affects moin. Moderate. CVE-2017-5934 was published for moin (pip) on Jan 4, 2019.
Jupyter Notebook XSS via directory name. Moderate. CVE-2018-19352 was published for notebook (pip) on Nov 21, 2018.
MoinMoin Cross-site Scripting (XSS) vulnerability. Moderate. CVE-2016-7146 was published for moin (pip) on May 17, 2022.
Airbnb Knowledge Repo XSS In Comments. Moderate. CVE-2018-12104 was published for knowledge-repo (pip) on May 14, 2022.
Kallithea cross-site scripting (XSS) vulnerability. Moderate. CVE-2015-1864 was published for Kallithea (pip) on May 13, 2022.
Apache Submarine Commons Utils has a hard-coded secret. Moderate. CVE-2024-36264 was published for apache-submarine (Maven) on Jun 12, 2024.
MoinMoin Cross-site Scripting (XSS) vulnerability. Moderate. CVE-2010-0828 was published for moin (pip) on May 2, 2022.
MoinMoin Cross-site Scripting (XSS) vulnerability. Moderate. CVE-2011-1058 was published for moin (pip) on May 17, 2022.
MoinMoin has multiple vulnerabilities related to superuser list, xmlrpc and OpenID configuration. Moderate. CVE-2010-0668 was published for moin (pip) on May 2, 2022.
MoinMoin Cross-site Scripting (XSS) vulnerability. Moderate. CVE-2016-9119 was published for moin (pip) on May 17, 2022.
Improper Neutralization of Input During Web Page Generation in Jupyter Notebook. Moderate. CVE-2019-9644 was published for jupyter-notebook (pip) on May 14, 2022.
MoinMoin Multiple unrestricted file upload vulnerabilities. Moderate. CVE-2012-6081 was published for moin (pip) on May 17, 2022.
MoinMoin Cross-site scripting (XSS) vulnerability. Moderate. CVE-2012-6082 was published for moin (pip) on May 17, 2022.
MoinMoin Multiple vulnerable to directory traversal. Moderate. CVE-2012-6495 was published for Moin (pip) on May 17, 2022.
MoinMoin Directory Traversal vulnerability. Moderate. CVE-2012-6080 was published for moin (pip) on May 17, 2022.
ProTip! Advisories are also available from the GraphQL API.