Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,344
Erlang
31
GitHub Actions
22
Go
2,112
Maven
5,000+
npm
3,767
NuGet
680
pip
3,453
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

1,901 advisories

Loading
Cross-Site Scripting in @toast-ui/editor High
GHSA-cr56-66mx-293v was published for @toast-ui/editor (npm) Sep 3, 2020
tdunlap607
Cross-Site Scripting in bootstrap-select High
GHSA-9r7h-6639-v5mw was published for bootstrap-select (npm) Sep 3, 2020
Cross-Site Scripting in @ionic/core High
GHSA-r3xc-47qg-h929 was published for @ionic/core (npm) Sep 3, 2020
Cross-Site Scripting in eco High
GHSA-r32x-jhw5-g48p was published for eco (npm) Sep 3, 2020
Cross-Site Scripting in graylog-web-interface High
GHSA-9qgh-7pgp-hp7r was published for graylog-web-interface (npm) Sep 3, 2020
Cross-Site Scripting in bleach High
GHSA-5634-rv46-48jf was published for bleach (npm) Sep 3, 2020
Cross-Site Scripting in jquery.json-viewer High
GHSA-v9wp-8r97-v6xg was published for jquery.json-viewer (npm) Sep 3, 2020
Cross-Site Scripting in takeapeek High
GHSA-4q2f-8g74-qm56 was published for takeapeek (npm) Sep 3, 2020
Cross-Site Scripting in bpmn-js-properties-panel High
GHSA-vpj4-89q8-rh38 was published for bpmn-js-properties-panel (npm) Sep 3, 2020
Cross-Site Scripting in cmmn-js-properties-panel High
GHSA-vmh4-322v-cfpc was published for cmmn-js-properties-panel (npm) Sep 3, 2020
Cross-Site Scripting in dmn-js-properties-panel High
GHSA-h9wr-xr4r-66fh was published for dmn-js-properties-panel (npm) Sep 3, 2020
Cross-Site Scripting in console-feed High
GHSA-g9wg-wq4f-2x5w was published for console-feed (npm) Sep 3, 2020
Cross-Site Scripting in snekserve High
GHSA-hv4w-jhcj-6wfw was published for snekserve (npm) Sep 3, 2020
Cross-Site Scripting in hexo-admin High
GHSA-phph-xpj4-wvcv was published for hexo-admin (npm) Sep 3, 2020
Cross-Site Scripting in markdown-to-jsx High
GHSA-ccrp-c664-8p4j was published for markdown-to-jsx (npm) Sep 3, 2020
Cross-Site Scripting in react High
GHSA-hg79-j56m-fxgv was published for react (npm) Sep 4, 2020
apostolos
Cross-Site Scripting in nextcloud-vue-collections High
GHSA-whv6-rj84-2vh2 was published for nextcloud-vue-collections (npm) Sep 4, 2020
Cross-Site Scripting in atlasboard-atlassian-package High
GHSA-25v4-mcx4-hh35 was published for atlasboard-atlassian-package (npm) Sep 4, 2020
Cross-Site Scripting in markdown-it-katex High
GHSA-5ff8-jcf9-fw62 was published for markdown-it-katex (npm) Sep 4, 2020
Cross-Site Scripting in serve High
GHSA-xw79-hhv6-578c was published for serve (npm) Sep 11, 2020
Cross-Site Scripting in node-red High
GHSA-5g6j-8hv4-vfgj was published for node-red (npm) Sep 11, 2020
Potential XSS injection In PrestaShop contactform High
CVE-2020-15178 was published for prestashop/contactform (Composer) Sep 15, 2020
Inline attribute values were not processed. High
CVE-2020-15263 was published for orchid/platform (Composer) Oct 19, 2020
Cross-Site Scripting in scratch-svg-renderer High
CVE-2020-7750 was published for scratch-svg-renderer (npm) Nov 9, 2020
Cross-Site Scripting through Fluid view helper arguments High
CVE-2020-26216 was published for typo3fluid/fluid (Composer) Nov 18, 2020
NamelessCoder jonaseberle
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database