Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,752
Maven
4,982
npm
3,516
NuGet
609
pip
3,090
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

315 advisories

Loading
Whoogle Search Cross-site Scripting via string parameter Moderate
CVE-2022-25303 was published for whoogle-search (pip) Jul 15, 2022
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in pycares Moderate
GHSA-c58j-88f5-h53f was published for pycares (pip) Jul 5, 2022
XSS Vulnerability in Markdown Editor High
GHSA-85q9-7467-r53q was published for inventree (pip) Jun 17, 2022
Gaurav-G2
Cross Site Scripting vulnerability in django-jsonform's admin form. High
GHSA-x9jp-4w8m-4f3c was published for django-jsonform (pip) Jun 10, 2022
Apache Superset Stored XSS on Dashboard markdown Moderate
CVE-2021-27907 was published for apache-superset (pip) May 24, 2022
Plone XSS Vulnerability Moderate
CVE-2021-29002 was published for plone (pip) May 24, 2022
Apache Superset Cross-site Scripting (XSS) vulnerability on the Explore page Moderate
CVE-2021-32609 was published for apache-superset (pip) May 24, 2022
Mezzanine Cross Site Scripting (XSS) vulnerability Moderate
CVE-2020-19002 was published for Mezzanine (pip) May 24, 2022
Lin-CMS-Flask Cross Site Scripting (XSS) vulnerability Moderate
CVE-2020-18699 was published for lin-cms (pip) May 24, 2022
Plone has stored XSS in folder contents Moderate
CVE-2021-35959 was published for plone (pip) May 24, 2022
Plone XSS in User Fullname Property and File Upload Moderate
CVE-2021-3313 was published for plone (pip) May 24, 2022
OctoPrint API Error Messages vulnerable to XSS Moderate
CVE-2021-32561 was published for OctoPrint (pip) May 24, 2022
Cabot Cross Site Scripting (XSS) vulnerability via Address column Moderate
CVE-2020-25449 was published for cabot (pip) May 24, 2022
Locust Stored Cross-site Scripting Vulnerability Moderate
CVE-2020-28364 was published for locust (pip) May 24, 2022
Cabot Cross Site Scripting (XSS) vulnerability via Endpoint column High
CVE-2020-7734 was published for cabot (pip) May 24, 2022
Plone cross site scripting (XSS) Moderate
CVE-2020-7937 was published for Plone (pip) May 24, 2022
PyDio Stored XSS Vulnerability Moderate
CVE-2019-10047 was published for Pydio (pip) May 24, 2022
Cross-site Scripting in OctoPrint High
CVE-2022-1430 was published for OctoPrint (pip) May 19, 2022
Cross-site Scripting in OctoPrint High
CVE-2022-1432 was published for OctoPrint (pip) May 19, 2022
Plone Cross-site Scripting vulnerability in PortalTransforms Moderate
CVE-2010-2422 was published for Plone (pip) May 17, 2022
MoinMoin Cross-site Scripting (XSS) vulnerability Moderate
CVE-2010-2487 was published for moin (pip) May 17, 2022
MoinMoin cross-site scripting (XSS) vulnerability Moderate
CVE-2010-2970 was published for Moin (pip) May 17, 2022
MoinMoin cross-site scripting (XSS) vulnerability Moderate
CVE-2010-2969 was published for moin (pip) May 17, 2022
Mako contains Cross-site Scripting vulnerability Moderate
CVE-2010-2480 was published for mako (pip) May 17, 2022
Paste is vulnerable to Cross-site Scripting via vectors involving a 404 status code Moderate
CVE-2010-2477 was published for paste (pip) May 17, 2022
ProTip! Advisories are also available from the GraphQL API