Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,963
Erlang
39
GitHub Actions
38
Go
2,615
Maven
5,000+
npm
4,255
NuGet
760
pip
4,034
Pub
12
RubyGems
953
Rust
1,049
Swift
45
Unreviewed advisories
All unreviewed
5,000+

385 advisories

Loading
Improper Neutralization of Input During Web Page Generation in IPython Moderate
CVE-2015-4706 was published for ipython (pip) May 17, 2022
Plone Cross-site Scripting Vulnerability Moderate
CVE-2015-7316 was published for Plone (pip) May 17, 2022
Cross-site Scripting in Mistune Moderate
CVE-2017-15612 was published for mistune (pip) May 17, 2022
tdunlap607
Credited to tdunlap607
Django cross-site scripting (XSS) vulnerability via is_safe_url function Moderate
CVE-2013-6044 was published for Django (pip) May 17, 2022
lxml Cross-site Scripting Via Control Characters Moderate
CVE-2014-3146 was published for lxml (pip) May 14, 2022
joshbressers
Credited to joshbressers
OpenStack Horizon Cross-site Scripting (XSS) Moderate
CVE-2017-7400 was published for horizon (pip) May 14, 2022
Products.CMFPlone XSS in profile home_page property Moderate
CVE-2017-1000482 was published for Plone (pip) May 14, 2022
Pallets Werkzeug cross-site scripting vulnerability Moderate
CVE-2016-10516 was published for Werkzeug (pip) May 14, 2022
jhutchings1
Credited to jhutchings1
Airbnb Knowledge Repo XSS In Comments Moderate
CVE-2018-12104 was published for knowledge-repo (pip) May 14, 2022
Galaxy cross-site scripting (XSS) Moderate
CVE-2018-1000516 was published for galaxy-app (pip) May 14, 2022
Apache Airflow Reflected Cross-site Scripting vulnerability in 404 Endpoint Moderate
CVE-2017-12614 was published for apache-airflow (pip) May 14, 2022
Django Cross-site scripting Vulnerability Moderate
CVE-2016-6186 was published for django (pip) May 14, 2022
Plone XSS Moderate
CVE-2016-7136 was published for plone (pip) May 14, 2022
Plone Cross-site Scripting (XSS) vulnerability Moderate
CVE-2016-7139 was published for Plone (pip) May 14, 2022
Plone XSS Moderate
CVE-2016-7138 was published for plone (pip) May 14, 2022
Plone vulnerable to Cross-site Scripting Moderate
CVE-2016-7140 was published for Plone (pip) May 14, 2022
Cobbler XSS Vulnerability Moderate
CVE-2018-1000225 was published for cobbler (pip) May 14, 2022
OpenStack Dashboard (aka Horizon) vulnerable to Cross-site Scripting Moderate
CVE-2014-0157 was published for horizon (pip) May 14, 2022
Django cross-site scripting (XSS) attack via user-supplied redirect URLs Moderate
CVE-2015-2317 was published for Django (pip) May 14, 2022
MarkLee131
Credited to MarkLee131
Improper Neutralization of Input During Web Page Generation in Jupyter Notebook Moderate
CVE-2015-6938 was published for ipython (pip) May 14, 2022
Ajenti Cross-site Scripting Via Filename Moderate
CVE-2018-18548 was published for ajenti (pip) May 14, 2022
Improper Neutralization of Input During Web Page Generation in Jupyter Notebook Moderate
CVE-2019-9644 was published for jupyter-notebook (pip) May 14, 2022
MapProxy vulnerable to cross-site scripting in demo service Moderate
CVE-2017-1000426 was published for MapProxy (pip) May 13, 2022
Cobbler Arbitrary File Read Moderate
CVE-2016-9605 was published for cobbler (pip) May 13, 2022
Bodhi Cross-site Scripting Vulnerability Moderate
CVE-2017-1002152 was published for bodhi (pip) May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database