GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
4,224 advisories
Filter by severity
Bootstrap Cross-site Scripting vulnerability
Moderate
CVE-2018-14041
was published
for
bootstrap
(RubyGems)
Sep 13, 2018
Bootstrap Cross-site Scripting vulnerability
Moderate
CVE-2018-14042
was published
for
bootstrap
(RubyGems)
Sep 13, 2018
Ckeditor XSS Vulnerability
Moderate
CVE-2018-17960
was published
for
ckeditor
(Composer)
Nov 21, 2018
Bootstrap Cross-site Scripting vulnerability
Moderate
CVE-2016-10735
was published
for
bootstrap
(RubyGems)
Jan 17, 2019
XSS vulnerability that affects bootstrap
Moderate
CVE-2018-20676
was published
for
bootstrap
(RubyGems)
Jan 17, 2019
bootstrap Cross-site Scripting vulnerability
Moderate
CVE-2018-20677
was published
for
bootstrap
(RubyGems)
Jan 17, 2019
Bootstrap Vulnerable to Cross-Site Scripting
Moderate
CVE-2019-8331
was published
for
Bootstrap.Less
(RubyGems)
Feb 22, 2019
XSS in jQuery as used in Drupal, Backdrop CMS, and other products
Moderate
CVE-2019-11358
was published
for
django
(RubyGems)
Apr 26, 2019
Moderate severity vulnerability that affects league/commonmark
Moderate
CVE-2019-10010
was published
for
league/commonmark
(Composer)
Sep 17, 2019
Access of Resource Using Incompatible Type ('Type Confusion') in yourls/yourls
Critical
CVE-2019-14537
was published
for
yourls/yourls
(Composer)
Sep 23, 2019
Missing Authorization in Drupal
Moderate
CVE-2017-6923
was published
for
drupal/core
(Composer)
Oct 10, 2019
Missing Authentication for Critical Function in LibreNMS
Moderate
CVE-2019-10668
was published
for
librenms/librenms
(Composer)
Oct 11, 2019
Improper Encoding or Escaping of Output and Injection in LibreNMS
High
CVE-2019-12463
was published
for
librenms/librenms
(Composer)
Oct 11, 2019
Exposure of Sensitive Information to an Unauthorized Actor in LibreNMS
Moderate
CVE-2019-10667
was published
for
librenms/librenms
(Composer)
Oct 11, 2019
Path Traversal in LibreNMS
High
CVE-2019-12464
was published
for
librenms/librenms
(Composer)
Oct 11, 2019
SQL Injection in LibreNMS
High
CVE-2019-12465
was published
for
librenms/librenms
(Composer)
Oct 11, 2019
SQL Injection in LibreNMS
High
CVE-2019-10671
was published
for
librenms/librenms
(Composer)
Oct 11, 2019
Cross-site Scripting in YII2-CMS
Moderate
CVE-2019-16130
was published
for
yii2mod/yii2-cms
(Composer)
Oct 14, 2019
Incorrect Access Control vulnerability in api-platform/core
Moderate
CVE-2019-1000011
was published
for
api-platform/core
(Composer)
Oct 14, 2019
Cross-site Scripting in Bolt
Moderate
CVE-2019-15485
was published
for
bolt/bolt
(Composer)
Nov 8, 2019
Cross-site scripting in Dolibarr
Moderate
CVE-2019-16197
was published
for
dolibarr/dolibarr
(Composer)
Nov 8, 2019
SQL Injection in SimpleSAMLphp
Critical
CVE-2019-15537
was published
for
cesnet/simplesamlphp-module-proxystatistics
(Composer)
Nov 8, 2019
Cross-site Scripting in Grav
Moderate
CVE-2019-16126
was published
for
getgrav/grav
(Composer)
Nov 8, 2019
Authorization Bypass Through User-Controlled Key in Bagisto
Moderate
CVE-2019-16403
was published
for
bagisto/bagisto
(Composer)
Nov 8, 2019
Signature validation bypass in XmlSecLibs
High
CVE-2019-3465
was published
for
robrichards/xmlseclibs
(Composer)
Nov 8, 2019
ProTip!
Advisories are also available from the
GraphQL API