GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
29
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,681
NuGet
650
pip
3,298
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
285 advisories
Filter by severity
Cross-site Scripting in Weblate
Moderate
CVE-2022-24710
was published
for
Weblate
(pip)
Feb 25, 2022
Cross-site Scripting and Open Redirect in plone.app.contenttypes
Moderate
GHSA-f7qw-5fgj-247x
was published
for
plone.app.contenttypes
(pip)
Feb 1, 2022
Cross-site Scripting in calibreweb
Moderate
CVE-2022-0352
was published
for
calibreweb
(pip)
Jan 29, 2022
Cross-site Scripting and Open Redirect in Products.CMFPlone
Moderate
GHSA-8w54-22w9-3g8f
was published
for
Products.CMFPlone
(pip)
Jan 28, 2022
Cross-site Scripting and Open Redirect in Products.ATContentTypes
Moderate
CVE-2022-23599
was published
for
Products.ATContentTypes
(pip)
Jan 28, 2022
Cross-site Scripting in Ericsson CodeChecker
Moderate
CVE-2021-44217
was published
for
codechecker
(pip)
Jan 21, 2022
OTF-001: Improper Input Sanitation: The path parameter of the requested URL is not sanitized before being passed to the QT frontend
Moderate
CVE-2022-21690
was published
for
onionshare-cli
(pip)
Jan 21, 2022
Cross-site Scripting in django-cms
Moderate
CVE-2021-44649
was published
for
django-cms
(pip)
Jan 13, 2022
lxml's HTML Cleaner allows crafted and SVG embedded scripts to pass through
Moderate
CVE-2021-43818
was published
for
lxml
(pip)
Dec 13, 2021
Cross-site Scripting in python-cjson
Moderate
CVE-2009-4924
was published
for
python-cjson
(pip)
Dec 6, 2021
Cross-site Scripting in django-wiki
Moderate
CVE-2021-25986
was published
for
wiki
(pip)
Dec 2, 2021
Cross-site scripting vulnerability in TinyMCE plugins
Moderate
CVE-2024-21910
was published
for
TinyMCE
(Composer)
Nov 2, 2021
Cross-site scripting in Unicorn framework
Moderate
CVE-2021-42053
was published
for
django-unicorn
(pip)
Oct 12, 2021
Cross-site Scripting in django-unicorn
Moderate
CVE-2021-42134
was published
for
django-unicorn
(pip)
Oct 12, 2021
Cross Site Scripting (XSS) in Simiki
Moderate
CVE-2020-19000
was published
for
simiki
(pip)
Sep 1, 2021
Cross Site Scripting (XSS) in Quokka
Moderate
CVE-2020-18702
was published
for
quokka
(pip)
Aug 30, 2021
Cross-site scripting in Products.CMFCore, Products.PluggableAuthService, Plone
Moderate
CVE-2021-33507
was published
for
Plone
(pip)
Jun 18, 2021
Cross-site Scripting in Apache Airflow
Moderate
CVE-2021-28359
was published
for
apache-airflow
(pip)
Jun 18, 2021
Cross-site scripting in LocalStack
Moderate
CVE-2021-32091
was published
for
localstack
(pip)
Jun 18, 2021
Cross-site scripting in Contentful
Moderate
CVE-2020-13258
was published
for
contentful
(pip)
Jun 18, 2021
ProTip!
Advisories are also available from the
GraphQL API