GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,097
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,656
NuGet
638
pip
3,264
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+
2,601 advisories
Filter by severity
actionview Cross-site Scripting vulnerability
Moderate
CVE-2016-6316
was published
for
actionview
(RubyGems)
Oct 24, 2017
jQuery-UI vulnerable to Cross-site Scripting in dialog closeText
Moderate
CVE-2016-7103
was published
for
jQuery.UI.Combined
(RubyGems)
Oct 24, 2017
Cross Site Scripting (XSS) in plotly.js
Moderate
CVE-2017-1000006
was published
for
plotly.js
(npm)
Oct 24, 2017
rack-ssl Cross-site Scripting vulnerability
Moderate
CVE-2014-2538
was published
for
rack-ssl
(RubyGems)
Oct 24, 2017
actionpack vulnerable to Cross-site Scripting
Moderate
CVE-2013-6415
was published
for
actionpack
(RubyGems)
Oct 24, 2017
rails-html-sanitizer Cross-site Scripting vulnerability
Moderate
CVE-2015-7578
was published
for
rails-html-sanitizer
(RubyGems)
Oct 24, 2017
will_paginate Cross-site Scripting vulnerability
Moderate
CVE-2013-6459
was published
for
will_paginate
(RubyGems)
Oct 24, 2017
paperclip Cross-site Scripting vulnerability
Moderate
CVE-2015-2963
was published
for
paperclip
(RubyGems)
Oct 24, 2017
rails-html-sanitizer Cross-site Scripting vulnerability
Moderate
CVE-2015-7580
was published
for
rails-html-sanitizer
(RubyGems)
Oct 24, 2017
activesupport Cross-site Scripting vulnerability
Moderate
CVE-2015-3226
was published
for
activesupport
(RubyGems)
Oct 24, 2017
Rails vulnerable to Cross-site Scripting
Moderate
CVE-2014-0081
was published
for
actionpack
(RubyGems)
Oct 24, 2017
VBScript Content Injection in marked
Moderate
CVE-2015-1370
was published
for
marked
(npm)
Oct 24, 2017
Multiple XSS Filter Bypasses in validator
Moderate
CVE-2013-7454
was published
for
validator
(npm)
Oct 24, 2017
Moderate severity vulnerability that affects validator
Moderate
CVE-2013-7451
was published
for
validator
(npm)
Oct 24, 2017
Moderate severity vulnerability that affects validator
Moderate
CVE-2013-7453
was published
for
validator
(npm)
Oct 24, 2017
rails-html-sanitizer Cross-site Scripting vulnerability
Moderate
CVE-2015-7579
was published
for
rails-html-sanitizer
(RubyGems)
Oct 24, 2017
Moderate severity vulnerability that affects validator
Moderate
CVE-2013-7452
was published
for
validator
(npm)
Oct 24, 2017
Cross-Site Scripting in serve-index
Moderate
CVE-2015-8856
was published
for
serve-index
(npm)
Oct 24, 2017
actionpack Cross-site Scripting vulnerability
Moderate
CVE-2013-6416
was published
for
actionpack
(RubyGems)
Oct 24, 2017
activesupport Cross-site Scripting vulnerability
Moderate
CVE-2012-3464
was published
for
activesupport
(RubyGems)
Oct 24, 2017
i18n gem Cross-site Scripting vulnerability
Moderate
CVE-2013-4492
was published
for
i18n
(RubyGems)
Oct 24, 2017
actionpack Cross-site Scripting vulnerability
Moderate
CVE-2013-1855
was published
for
actionpack
(RubyGems)
Oct 24, 2017
actionpack vulnerable to Cross-site Scripting
Moderate
CVE-2013-4491
was published
for
actionpack
(RubyGems)
Oct 24, 2017
jquery-ui Tooltip widget vulnerable to XSS
Moderate
CVE-2012-6662
was published
for
jQuery.UI.Combined
(RubyGems)
Oct 24, 2017
actionpack Cross-site Scripting vulnerability
Moderate
CVE-2012-3465
was published
for
actionpack
(RubyGems)
Oct 24, 2017
ProTip!
Advisories are also available from the
GraphQL API