GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,096
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,654
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+
2,600 advisories
Filter by severity
rails_admin ruby gem XSS
Moderate
CVE-2017-12098
was published
for
rails_admin
(RubyGems)
Mar 5, 2018
delayed_job_web Cross-site Scripting vulnerability
Moderate
CVE-2017-12097
was published
for
delayed_job_web
(RubyGems)
Mar 5, 2018
Cross-Site Scripting (XSS) in jquery
Moderate
CVE-2015-9251
was published
for
jQuery
(RubyGems)
Jan 22, 2018
Radiant CMS vulnerable to Cross-site Scripting
Moderate
CVE-2018-5216
was published
for
radiant
(RubyGems)
Jan 6, 2018
Marked vulnerable to XSS from data URIs
Moderate
CVE-2017-1000427
was published
for
marked
(npm)
Jan 4, 2018
Geminabox contains Cross-site Scripting
Moderate
CVE-2017-16792
was published
for
geminabox
(RubyGems)
Nov 29, 2017
Gemirro Stored XSS in Gemspec "homepage" value
Moderate
CVE-2017-16833
was published
for
gemirro
(RubyGems)
Nov 29, 2017
Cross-Site Scripting in keystone
Moderate
CVE-2017-15881
was published
for
keystone
(npm)
Nov 16, 2017
Cross-Site Scripting in keystone
Moderate
CVE-2017-15878
was published
for
keystone
(npm)
Nov 15, 2017
Moderate severity vulnerability that affects rails
Moderate
CVE-2007-3227
was published
for
rails
(RubyGems)
Oct 24, 2017
Moderate severity vulnerability that affects rails
Moderate
CVE-2009-4214
was published
for
rails
(RubyGems)
Oct 24, 2017
Rails actionpack gem vulnerable to Cross-site Scripting
Moderate
CVE-2011-0446
was published
for
actionpack
(RubyGems)
Oct 24, 2017
Cross-site Scripting vulnerability in i18n translations helper method
Moderate
CVE-2011-4319
was published
for
actionpack
(RubyGems)
Oct 24, 2017
rails Cross-site Scripting vulnerability
Moderate
CVE-2011-2197
was published
for
actionpack
(RubyGems)
Oct 24, 2017
Cross site scripting that affects rails
Moderate
CVE-2009-3009
was published
for
actionpack
(RubyGems)
Oct 24, 2017
activesupport Cross-site Scripting vulnerability
Moderate
CVE-2011-2932
was published
for
activesupport
(RubyGems)
Oct 24, 2017
activesupport Cross-site Scripting vulnerability
Moderate
CVE-2012-1098
was published
for
activesupport
(RubyGems)
Oct 24, 2017
Cross-site Scripting in actionpack
Moderate
CVE-2012-1099
was published
for
actionpack
(RubyGems)
Oct 24, 2017
actionpack Cross-site Scripting vulnerability
Moderate
CVE-2011-2931
was published
for
actionpack
(RubyGems)
Oct 24, 2017
Cross-site Scripting in jquery-ui
Moderate
CVE-2010-5312
was published
for
jQuery.UI.Combined
(RubyGems)
Oct 24, 2017
i18n gem Cross-site Scripting vulnerability
Moderate
CVE-2013-4492
was published
for
i18n
(RubyGems)
Oct 24, 2017
activesupport Cross-site Scripting vulnerability
Moderate
CVE-2012-3464
was published
for
activesupport
(RubyGems)
Oct 24, 2017
RDoc contains XSS vulnerability
Moderate
CVE-2013-0256
was published
for
rdoc
(RubyGems)
Oct 24, 2017
actionpack Cross-site Scripting vulnerability
Moderate
CVE-2012-3465
was published
for
actionpack
(RubyGems)
Oct 24, 2017
ProTip!
Advisories are also available from the
GraphQL API