Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,746
Erlang
35
GitHub Actions
29
Go
2,319
Maven
5,000+
npm
3,955
NuGet
712
pip
3,736
Pub
12
RubyGems
920
Rust
972
Swift
38
Unreviewed advisories
All unreviewed
5,000+

600 advisories

Loading
Arbitrary File Read in html-pdf High
CVE-2019-15138 was published for html-pdf (npm) Oct 11, 2019
Cross-Site Scripting in status-board Moderate
CVE-2019-15478 was published for status-board (npm) Sep 23, 2019
Status Board vulnerable to Cross-Site Scripting before v1.1.82 Moderate
CVE-2019-15479 was published for status-board (npm) Sep 23, 2019
tdunlap607
smartbanner.js rel noopener vulnerability Low
CVE-2025-25300 was published for smartbanner.js (npm) Sep 13, 2019
Cross-Site Scripting in dojo Moderate
CVE-2010-2273 was published for dojo (npm) Sep 11, 2019
Cross-Site Scripting in webtorrent Moderate
CVE-2019-15782 was published for webtorrent (npm) Sep 4, 2019
tdunlap607
Cross-Site Scripting in selectize-plugin-a11y Moderate
CVE-2019-15482 was published for selectize-plugin-a11y (npm) Aug 27, 2019
Cross-Site Scripting in cyberchef Moderate
CVE-2019-15532 was published for cyberchef (npm) Aug 27, 2019
Cross-site Scripting in pandao editor.md Moderate
CVE-2019-14517 was published for editor.md (npm) Aug 23, 2019
Cross-site Scripting in pandao Moderate
CVE-2019-14653 was published for editor.md (npm) Aug 23, 2019
Cross-Site Scripting in http-file-server Moderate
CVE-2019-5458 was published for http-file-server (npm) Jul 31, 2019
Cross-Site Scripting in min-http-server Moderate
CVE-2019-5457 was published for min-http-server (npm) Jul 31, 2019
Cross-Site Scripting in @nuxt/devalue Moderate
CVE-2019-13506 was published for @nuxt/devalue (npm) Jul 16, 2019
Cross-Site Scripting via JSONP Moderate
GHSA-28hp-fgcr-2r4h was published for angular (npm) Jun 27, 2019
Cross-Site Scripting in ids-enterprise High
GHSA-49r3-3h96-rwj6 was published for ids-enterprise (npm) Jun 13, 2019
Cross-Site Scripting in ids-enterprise High
GHSA-hpfq-8wx8-cgqw was published for ids-enterprise (npm) Jun 13, 2019
Cross-Site Scripting in ids-enterprise High
GHSA-crfx-5phg-hmw9 was published for ids-enterprise (npm) Jun 13, 2019
Cross-Site Scripting (XSS) in cloudcmd High
GHSA-m8fw-534v-xm85 was published for cloudcmd (npm) Jun 4, 2019
Cross-Site Scripting in react-svg High
GHSA-8xqr-4cpm-wx7g was published for react-svg (npm) May 31, 2019
Cross-Site Scripting in public Low
GHSA-7jfh-2xc9-ccv7 was published for public (npm) May 31, 2019
Cross-Site Scripting in bracket-template High
GHSA-jj6g-7j8p-7gf2 was published for bracket-template (npm) May 30, 2019
Cross-Site Scripting in bootbox Moderate
GHSA-87mg-h5r3-hw88 was published for bootbox (npm) May 30, 2019
Reflected Cross-Site Scripting in jquery.terminal Moderate
GHSA-2hwp-g4g7-mwwj was published for jquery.terminal (npm) May 29, 2019
Cross-Site Scripting in shave Moderate
CVE-2019-12313 was published for shave (npm) May 29, 2019
Cross-site Scripting in remarkable Moderate
CVE-2019-12043 was published for remarkable (npm) May 29, 2019
LeSuisse
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database