Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,090
Erlang
29
GitHub Actions
19
Go
1,915
Maven
5,000+
npm
3,646
NuGet
638
pip
3,262
Pub
10
RubyGems
870
Rust
821
Swift
35
Unreviewed advisories
All unreviewed
5,000+

1,467 advisories

Loading
lxml vulnerable to Cross-Site Scripting Moderate
CVE-2021-28957 was published for lxml (pip) Mar 22, 2021
lxml's HTML Cleaner allows crafted and SVG embedded scripts to pass through Moderate
CVE-2021-43818 was published for lxml (pip) Dec 13, 2021
pwntester
Creation of Temporary File With Insecure Permissions in logilab-commons Moderate
CVE-2014-1839 was published for logilab-common (pip) May 14, 2022
Lin-CMS-Flask Cross Site Scripting (XSS) vulnerability Moderate
CVE-2020-18699 was published for lin-cms (pip) May 24, 2022
Locust Stored Cross-site Scripting Vulnerability Moderate
CVE-2020-28364 was published for locust (pip) May 24, 2022
Cross-site scripting in LocalStack Moderate
CVE-2021-32091 was published for localstack (pip) Jun 18, 2021
LdapCherry Cross-site Scripting vulnerbaility Moderate
CVE-2019-25095 was published for ldapcherry (pip) Jan 5, 2023
OpenStack Keystone does not check signature TTL of the EC2 credential auth method Moderate
CVE-2020-12692 was published for keystone (pip) May 24, 2022
Jupyter Notebook XSS via untrusted notebooks Moderate
CVE-2018-19351 was published for notebook (pip) Nov 21, 2018
Moderate severity vulnerability that affects moin Moderate
CVE-2017-5934 was published for moin (pip) Jan 4, 2019
Jupyter Notebook XSS via directory name Moderate
CVE-2018-19352 was published for notebook (pip) Nov 21, 2018
MoinMoin Cross-site Scripting (XSS) vulnerability Moderate
CVE-2016-7146 was published for moin (pip) May 17, 2022
Airbnb Knowledge Repo XSS In Comments Moderate
CVE-2018-12104 was published for knowledge-repo (pip) May 14, 2022
Kallithea cross-site scripting (XSS) vulnerability Moderate
CVE-2015-1864 was published for Kallithea (pip) May 13, 2022
Apache Submarine Commons Utils has a hard-coded secret Moderate
CVE-2024-36264 was published for apache-submarine (Maven) Jun 12, 2024
MoinMoin Cross-site Scripting (XSS) vulnerability Moderate
CVE-2010-0828 was published for moin (pip) May 2, 2022
MoinMoin Cross-site Scripting (XSS) vulnerability Moderate
CVE-2011-1058 was published for moin (pip) May 17, 2022
MoinMoin has multiple vulnerabilities related to superuser list, xmlrpc and OpenID configuration Moderate
CVE-2010-0668 was published for moin (pip) May 2, 2022
MoinMoin Cross-site Scripting (XSS) vulnerability Moderate
CVE-2016-9119 was published for moin (pip) May 17, 2022
Improper Neutralization of Input During Web Page Generation in Jupyter Notebook Moderate
CVE-2019-9644 was published for jupyter-notebook (pip) May 14, 2022
MoinMoin Multiple unrestricted file upload vulnerabilities Moderate
CVE-2012-6081 was published for moin (pip) May 17, 2022
MoinMoin Improper Access Control Moderate
CVE-2012-4404 was published for moin (pip) May 17, 2022
MoinMoin Cross-site scripting (XSS) vulnerability Moderate
CVE-2012-6082 was published for moin (pip) May 17, 2022
MoinMoin Multiple vulnerable to directory traversal Moderate
CVE-2012-6495 was published for Moin (pip) May 17, 2022
MoinMoin Directory Traversal vulnerability Moderate
CVE-2012-6080 was published for moin (pip) May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database