Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,170
Erlang
30
GitHub Actions
19
Go
1,981
Maven
5,000+
npm
3,700
NuGet
656
pip
3,319
Pub
11
RubyGems
882
Rust
834
Swift
35
Unreviewed advisories
All unreviewed
5,000+

288 advisories

Loading
Moderate severity vulnerability that affects Zope2 Moderate
CVE-2010-1104 was published for Zope2 (pip) Jul 23, 2018
Cross-Site Scripting in Wagtail Moderate
CVE-2020-15118 was published for wagtail (pip) Jul 20, 2020
acarasimon96
Cross-site Scripting and Open Redirect in Products.CMFPlone Moderate
GHSA-8w54-22w9-3g8f was published for Products.CMFPlone (pip) Jan 28, 2022
Cross-site Scripting and Open Redirect in plone.app.contenttypes Moderate
GHSA-f7qw-5fgj-247x was published for plone.app.contenttypes (pip) Feb 1, 2022
SVG with embedded scripts can lead to cross-site scripting attacks in xml2rfc Moderate
GHSA-cf4q-4cqr-7g7w was published for xml2rfc (pip) Apr 22, 2022
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in pycares Moderate
GHSA-c58j-88f5-h53f was published for pycares (pip) Jul 5, 2022
Apache Superset is vulnerable to Cross-Site Scripting (XSS) Moderate
CVE-2022-43718 was published for apache-superset (pip) Jan 16, 2023
Apache Superset vulnerable to Cross-site Scripting Moderate
CVE-2022-43717 was published for apache-superset (pip) Jan 16, 2023
Cross-site Scripting in FreeTAKServer-UI Moderate
CVE-2022-25507 was published for FreeTAKServer-UI (pip) Mar 12, 2022
Multiple cross-site scripting (XSS) vulnerabilities in Roundup Moderate
CVE-2012-6133 was published for roundup (pip) Apr 23, 2022
westonsteimel
Twisted vulnerable to NameVirtualHost Host header injection Moderate
CVE-2022-39348 was published for twisted (pip) Oct 26, 2022
westonsteimel
Pallets Werkzeug cross-site scripting vulnerability Moderate
CVE-2016-10516 was published for Werkzeug (pip) May 14, 2022
jhutchings1
Cross-site scripting in Contentful Moderate
CVE-2020-13258 was published for contentful (pip) Jun 18, 2021
Cross-site Scripting in wagtail Moderate
CVE-2021-32681 was published for wagtail (pip) Jun 17, 2021
Cross-site Scripting in django-wiki Moderate
CVE-2021-25986 was published for wiki (pip) Dec 2, 2021
Inventree vulnerable to Stored Cross-site Scripting Moderate
CVE-2022-3355 was published for inventree (pip) Sep 30, 2022
Graphite Web Cross-site Scripting vulnerability Moderate
CVE-2022-4728 was published for graphite-web (pip) Dec 27, 2022
Graphite Web Cross-site Scripting vulnerability Moderate
CVE-2022-4729 was published for graphite-web (pip) Dec 27, 2022
Graphite Web Cross-site Scripting vulnerability Moderate
CVE-2022-4730 was published for graphite-web (pip) Dec 27, 2022
Cross-site Scripting in Ericsson CodeChecker Moderate
CVE-2021-44217 was published for codechecker (pip) Jan 21, 2022
Cross-site Scripting in kiwitcms Moderate
CVE-2022-4105 was published for kiwitcms (pip) Nov 21, 2022
Cross-site Scripting in Weblate Moderate
CVE-2022-24710 was published for Weblate (pip) Feb 25, 2022
Cross-site Scripting in pyload-ng Moderate
CVE-2023-0488 was published for pyload-ng (pip) Jan 27, 2023
OpenStack Swift Cross-site Scriping vulnerability Moderate
CVE-2014-3497 was published for swift (pip) May 17, 2022
OpenStack Dashboard (aka Horizon) vulnerable to Cross-site Scripting Moderate
CVE-2014-0157 was published for horizon (pip) May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database