GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
298 advisories
Filter by severity
D-Tale allows Remote Code Execution through the Custom Filter Input
Moderate
CVE-2024-55890
was published
for
dtale
(pip)
Dec 13, 2024
Mobile Security Framework (MobSF) Stored Cross-Site Scripting Vulnerability in "Diff or Compare" Functionality
Moderate
CVE-2024-53999
was published
for
mobsf
(pip)
Dec 3, 2024
pyspider Cross-site Scripting vulnerability
Moderate
CVE-2024-39162
was published
for
pyspider
(pip)
Nov 29, 2024
Mayan EDMS DMS XSS vulnerability
Moderate
CVE-2022-47419
was published
for
mayan-edms
(pip)
Feb 8, 2023
OpenStack Dashboard (Horizon) Cross-site scripting (XSS) vulnerability
Moderate
CVE-2015-3219
was published
for
horizon
(pip)
May 17, 2022
Galaxy cross-site scripting (XSS)
Moderate
CVE-2018-1000516
was published
for
galaxy-app
(pip)
May 14, 2022
MoinMoin Multiple cross-site scripting (XSS) vulnerabilities
Moderate
CVE-2008-3381
was published
for
moin
(pip)
May 1, 2022
Twisted vulnerable to NameVirtualHost Host header injection
Moderate
CVE-2022-39348
was published
for
twisted
(pip)
Oct 26, 2022
Mayan EDMS multiple cross-site scripting (XSS) vulnerabilities
Moderate
CVE-2014-3840
was published
for
mayan-edms
(pip)
May 17, 2022
Cross-site Scripting Vulnerability on Data Import
Moderate
CVE-2024-23633
was published
for
label-studio
(pip)
Jan 24, 2024
Zope Cross-site scripting (XSS) vulnerability in ZMI pages
Moderate
CVE-2009-5145
was published
for
Zope2
(pip)
May 2, 2022
OpenStack Horizon Cross-site scripting (XSS) vulnerability
Moderate
CVE-2012-2094
was published
for
horizon
(pip)
May 17, 2022
Apache Airflow has a stored cross-site scripting vulnerability
Moderate
CVE-2023-47265
was published
for
apache-airflow
(pip)
Dec 21, 2023
django CMS Cross-Site Scripting (XSS)
Moderate
CVE-2024-11319
was published
for
django-cms
(pip)
Nov 18, 2024
django CMS Attributes Field Cross-site Scripting
Moderate
CVE-2024-11406
was published
for
djangocms-attributes-field
(pip)
Nov 20, 2024
Cross-site Scripting (XSS) - DOM in janeczku/calibre-web
Moderate
CVE-2021-3988
was published
for
calibreweb
(pip)
Nov 15, 2024
Pallets Werkzeug cross-site scripting vulnerability
Moderate
CVE-2016-10516
was published
for
Werkzeug
(pip)
May 14, 2022
Cross-site Scripting in Weblate
Moderate
CVE-2022-24710
was published
for
Weblate
(pip)
Feb 25, 2022
Cross-site Scripting in django-wiki
Moderate
CVE-2021-25986
was published
for
wiki
(pip)
Dec 2, 2021
calibre-web is vulnerable to Cross-site Scripting
Moderate
CVE-2021-4170
was published
for
calibreweb
(pip)
Jan 21, 2022
Cross-site Scripting in wagtail
Moderate
CVE-2021-32681
was published
for
wagtail
(pip)
Jun 17, 2021
html injection vulnerability in the `tuitse_html` function.
Moderate
CVE-2024-23341
was published
for
TuiTse-TsuSin
(pip)
Jan 22, 2024
Trac Cross-site Scripting (XSS) vulnerability
Moderate
CVE-2008-3328
was published
for
trac
(pip)
May 1, 2022
ProTip!
Advisories are also available from the
GraphQL API