GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
147 advisories
Filter by severity
Materialize-css vulnerable to Cross-site Scripting in autocomplete component
Moderate
CVE-2019-11003
was published
for
@materializecss/materialize
(npm)
Apr 9, 2019
Cross-Site Scripting in editor.md
Moderate
CVE-2019-9737
was published
for
editor.md
(npm)
Mar 14, 2019
m-server Vulnerable to Directory Traversal
Moderate
CVE-2018-16485
was published
for
m-server
(npm)
Feb 18, 2019
Downloads Resources over HTTP in arcanist
Moderate
CVE-2016-10683
was published
for
arcanist
(npm)
Feb 18, 2019
Cross-Site Scripting in html-pages
Moderate
CVE-2018-16481
was published
for
html-pages
(npm)
Feb 7, 2019
Tnantoka/public XSS Vulnerability
Moderate
CVE-2018-16480
was published
for
public
(npm)
Feb 7, 2019
Content Injection via TileJSON Name in mapbox.js
Moderate
CVE-2017-1000043
was published
for
mapbox-rails
(RubyGems)
Nov 9, 2018
Content Injection via TileJSON attribute in mapbox.js
Moderate
CVE-2017-1000042
was published
for
mapbox-rails
(RubyGems)
Nov 9, 2018
Directory Traversal in augustine
Moderate
CVE-2017-0930
was published
for
augustine
(npm)
Sep 18, 2018
Cross-Site Scripting in exceljs
Moderate
CVE-2018-16459
was published
for
exceljs
(npm)
Sep 11, 2018
Directory Traversal in easyquick
Moderate
CVE-2017-16109
was published
for
easyquick
(npm)
Aug 29, 2018
Remote Code Execution in markdown-pdf
Moderate
CVE-2018-3770
was published
for
markdown-pdf
(npm)
Jul 27, 2018
Moderate severity vulnerability that affects marked
Moderate
CVE-2017-17461
was published
for
marked
(npm)
Jan 4, 2018
•
withdrawn
Cross-Site Scripting in keystone
Moderate
CVE-2017-15878
was published
for
keystone
(npm)
Nov 15, 2017
Cross Site Scripting (XSS) in plotly.js
Moderate
CVE-2017-1000006
was published
for
plotly.js
(npm)
Oct 24, 2017
ProTip!
Advisories are also available from the
GraphQL API