GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
367 advisories
LdapCherry Cross-site Scripting vulnerability
Moderate
CVE-2019-25095 was published for ldapcherry (pip) on Jan 5, 2023
django-ucamlookup Cross-site Scripting vulnerability
Moderate
CVE-2016-15010 was published for django-ucamlookup (pip) on Jan 5, 2023
Graphite Web Cross-site Scripting vulnerability
Moderate
CVE-2022-4729 was published for graphite-web (pip) on Dec 27, 2022
Graphite Web Cross-site Scripting vulnerability
Moderate
CVE-2022-4728 was published for graphite-web (pip) on Dec 27, 2022
Graphite Web Cross-site Scripting vulnerability
Moderate
CVE-2022-4730 was published for graphite-web (pip) on Dec 27, 2022
collective.contact.widget is vulnerable to cross-site scripting
Moderate
CVE-2022-4638 was published for collective.contact.widget (pip) on Dec 22, 2022
collective.task Cross-site Scripting vulnerability
Moderate
CVE-2022-4527 was published for collective.task (pip) on Dec 15, 2022
django-photologue vulnerable to Cross-site Scripting
Moderate
CVE-2022-4526 was published for django-photologue (pip) on Dec 15, 2022
collective.dms.basecontent Cross-site Scripting vulnerability
Moderate
CVE-2022-4495 was published for collective.dms.basecontent (pip) on Dec 14, 2022
pyRdfa3 Cross-site Scripting vulnerability
Moderate
CVE-2022-4396 was published for pyRdfa3 (pip) on Dec 10, 2022
XBlock vulnerable to Cross-Site Scripting (XSS)
High
CVE-2022-46147 was published for xblock-drag-and-drop-v2 (pip) on Dec 2, 2022
Cross-site Scripting in kiwitcms
Moderate
CVE-2022-4105 was published for kiwitcms (pip) on Nov 21, 2022
Cross Site Scripting vulnerability in wsgidav when directory browsing is enabled
High
CVE-2022-41905 was published for wsgidav (pip) on Nov 16, 2022
Apache Airflow Cross-site Scripting vulnerability
Moderate
CVE-2022-43982 was published for apache-airflow (pip) on Nov 2, 2022
Twisted vulnerable to NameVirtualHost Host header injection
Moderate
CVE-2022-39348 was published for twisted (pip) on Oct 26, 2022
Inventree vulnerable to Stored Cross-site Scripting
Moderate
CVE-2022-3355 was published for inventree (pip) on Sep 30, 2022
Deluge Web-UI vulnerable to XSS through a crafted torrent file
Moderate
CVE-2021-3427 was published for deluge (pip) on Aug 27, 2022
nbconvert vulnerable to cross-site scripting (XSS) via multiple exploit paths
Moderate
CVE-2021-32862 was published for nbconvert (pip) on Aug 10, 2022
Fava vulnerable to reflected cross-site scripting
Moderate
CVE-2022-2589 was published for fava (pip) on Aug 2, 2022
Fava time and filter parameters vulnerable to reflected Cross-site Scripting
Moderate
CVE-2022-2514 was published for fava (pip) on Jul 26, 2022
Fava vulnerable to Reflected Cross-site Scripting
Moderate
CVE-2022-2523 was published for fava (pip) on Jul 26, 2022
Django REST framework XSS Vulnerability
Moderate
CVE-2018-25045 was published for django-rest-framework (pip) on Jul 24, 2022
Whoogle Search Cross-site Scripting via string parameter
Moderate
CVE-2022-25303 was published for whoogle-search (pip) on Jul 15, 2022
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in pycares
Moderate
GHSA-c58j-88f5-h53f was published for pycares (pip) on Jul 5, 2022
XSS Vulnerability in Markdown Editor
High
GHSA-85q9-7467-r53q was published for inventree (pip) on Jun 17, 2022