GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
315 advisories
Whoogle Search Cross-site Scripting via string parameter
Moderate: CVE-2022-25303 was published for whoogle-search (pip), Jul 15, 2022

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in pycares
Moderate: GHSA-c58j-88f5-h53f was published for pycares (pip), Jul 5, 2022

XSS Vulnerability in Markdown Editor
High: GHSA-85q9-7467-r53q was published for inventree (pip), Jun 17, 2022

Cross Site Scripting vulnerability in django-jsonform's admin form.
High: GHSA-x9jp-4w8m-4f3c was published for django-jsonform (pip), Jun 10, 2022

Apache Superset Stored XSS on Dashboard markdown
Moderate: CVE-2021-27907 was published for apache-superset (pip), May 24, 2022

Apache Superset Cross-site Scripting (XSS) vulnerability on the Explore page
Moderate: CVE-2021-32609 was published for apache-superset (pip), May 24, 2022

Mezzanine Cross Site Scripting (XSS) vulnerability
Moderate: CVE-2020-19002 was published for Mezzanine (pip), May 24, 2022

Lin-CMS-Flask Cross Site Scripting (XSS) vulnerability
Moderate: CVE-2020-18699 was published for lin-cms (pip), May 24, 2022

Plone has stored XSS in folder contents
Moderate: CVE-2021-35959 was published for plone (pip), May 24, 2022

Plone XSS in User Fullname Property and File Upload
Moderate: CVE-2021-3313 was published for plone (pip), May 24, 2022

OctoPrint API Error Messages vulnerable to XSS
Moderate: CVE-2021-32561 was published for OctoPrint (pip), May 24, 2022

Cabot Cross Site Scripting (XSS) vulnerability via Address column
Moderate: CVE-2020-25449 was published for cabot (pip), May 24, 2022

Locust Stored Cross-site Scripting Vulnerability
Moderate: CVE-2020-28364 was published for locust (pip), May 24, 2022

Cabot Cross Site Scripting (XSS) vulnerability via Endpoint column
High: CVE-2020-7734 was published for cabot (pip), May 24, 2022

Plone Cross-site Scripting vulnerability in PortalTransforms
Moderate: CVE-2010-2422 was published for Plone (pip), May 17, 2022

MoinMoin Cross-site Scripting (XSS) vulnerability
Moderate: CVE-2010-2487 was published for moin (pip), May 17, 2022

MoinMoin cross-site scripting (XSS) vulnerability
Moderate: CVE-2010-2970 was published for Moin (pip), May 17, 2022

MoinMoin cross-site scripting (XSS) vulnerability
Moderate: CVE-2010-2969 was published for moin (pip), May 17, 2022

Mako contains Cross-site Scripting vulnerability
Moderate: CVE-2010-2480 was published for mako (pip), May 17, 2022

Paste is vulnerable to Cross-site Scripting via vectors involving a 404 status code
Moderate: CVE-2010-2477 was published for paste (pip), May 17, 2022

ProTip! Advisories are also available from the GraphQL API