Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,757
Erlang
35
GitHub Actions
29
Go
2,327
Maven
5,000+
npm
3,960
NuGet
712
pip
3,741
Pub
12
RubyGems
921
Rust
973
Swift
38
Unreviewed advisories
All unreviewed
5,000+

2,701 advisories

Loading
DOM-based XSS in gmail-js High
CVE-2016-1000228 was published for gmail-js (npm) Sep 1, 2020
XSS in client rendered block templates in rendr High
CVE-2016-1000230 was published for rendr (npm) Sep 1, 2020
Cross-Site Scripting in hexo-admin High
GHSA-phph-xpj4-wvcv was published for hexo-admin (npm) Sep 3, 2020
Cross-Site Scripting in serve High
GHSA-xw79-hhv6-578c was published for serve (npm) Sep 11, 2020
Cross-Site Scripting in takeapeek High
GHSA-4q2f-8g74-qm56 was published for takeapeek (npm) Sep 3, 2020
Cross-Site Scripting in atlasboard-atlassian-package High
GHSA-25v4-mcx4-hh35 was published for atlasboard-atlassian-package (npm) Sep 4, 2020
Cross-Site Scripting in bootstrap-select High
GHSA-9r7h-6639-v5mw was published for bootstrap-select (npm) Sep 3, 2020
HTML Injection in marky-markdown High
GHSA-mg69-6j3m-jvgw was published for marky-markdown (npm) Sep 3, 2020
Cross-Site Scripting in mermaid High
GHSA-w32g-5hqp-gg6q was published for mermaid (npm) Sep 2, 2020
Cross-Site Scripting in scratch-svg-renderer High
CVE-2020-7750 was published for scratch-svg-renderer (npm) Nov 9, 2020
Cross-Site Scripting in ag-grid-community High
GHSA-7p6w-x2gr-rrf8 was published for ag-grid-community (npm) Sep 2, 2020
Cross-Site Scripting in @ionic/core High
GHSA-r3xc-47qg-h929 was published for @ionic/core (npm) Sep 3, 2020
Cross-Site Scripting in jquery.json-viewer High
GHSA-v9wp-8r97-v6xg was published for jquery.json-viewer (npm) Sep 3, 2020
Cross-Site Scripting in graylog-web-interface High
GHSA-9qgh-7pgp-hp7r was published for graylog-web-interface (npm) Sep 3, 2020
Cross-Site Scripting in bleach High
GHSA-5634-rv46-48jf was published for bleach (npm) Sep 3, 2020
Cross-Site Scripting in dmn-js-properties-panel High
GHSA-h9wr-xr4r-66fh was published for dmn-js-properties-panel (npm) Sep 3, 2020
Cross-Site Scripting in Prism High
CVE-2020-15138 was published for prismjs (npm) Aug 7, 2020
masatokinugawa
Cross-Site Scripting in snekserve High
GHSA-hv4w-jhcj-6wfw was published for snekserve (npm) Sep 3, 2020
Cross-Site Scripting in buefy High
GHSA-xwqw-rf2q-xmhf was published for buefy (npm) Sep 1, 2020
Cross-Site Scripting in jingo High
GHSA-mpjf-8cmf-p789 was published for jingo (npm) Sep 1, 2020
Cross-Site Scripting in md-data-table High
GHSA-hgr5-82rc-p936 was published for md-data-table (npm) Sep 1, 2020
Cross-Site Scripting in markdown-it-katex High
GHSA-5ff8-jcf9-fw62 was published for markdown-it-katex (npm) Sep 4, 2020
Cross-Site Scripting in htmr High
GHSA-f8rq-m28h-8hxj was published for htmr (npm) Sep 3, 2020
Cross-Site Scripting in jquery-mobile High
GHSA-fj93-7wm4-8x2g was published for jquery-mobile (npm) Sep 2, 2020
Cross-Site Scripting in wangeditor High
GHSA-g7mw-5cq6-fv82 was published for wangeditor (npm) Sep 2, 2020
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database