Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
70
GitHub Actions
52
Go
3,904
Maven
5,000+
npm
5,000+
NuGet
967
pip
5,000+
Pub
13
RubyGems
1,062
Rust
1,374
Swift
54
Unreviewed advisories
All unreviewed
5,000+

13,623 advisories

Loading
Airbnb Knowledge Repo XSS In Comments Moderate
CVE-2018-12104 was published for knowledge-repo (pip) May 14, 2022
Joomla! vulnerable to Cross-site Scripting Moderate
CVE-2010-1649 was published for joomla/joomla-cms (Composer) May 14, 2022
Joomla! vulnerable to Cross-site Scripting Moderate
CVE-2011-2509 was published for joomla/joomla-cms (Composer) May 14, 2022
Ember.js Cross-site Scripting vulnerability Moderate
CVE-2014-0013 was published for ember-source (RubyGems) May 14, 2022
Aubio is vulnerable to a NULL pointer dereference Moderate
CVE-2017-17554 was published for aubio (pip) May 14, 2022
Exposure of Sensitive Information to an Unauthorized Actor in Jenkins SSH Credentials Plugin Moderate
CVE-2018-1000601 was published for org.jenkins-ci.plugins:credentials (Maven) May 14, 2022
Jenkins SAML Plugin Session Fixation vulnerability Moderate
CVE-2018-1000602 was published for org.jenkins-ci.plugins:saml (Maven) May 14, 2022
Joplin Vulnerable to Cross-site Scripting in Note Content Moderate
CVE-2018-1000534 was published for joplin (npm) May 14, 2022
OpenTSDB Cross-site Scripting vulnerability Moderate
CVE-2018-13003 was published for net.opentsdb:opentsdb (Maven) May 14, 2022
OpenTSDB Cross-site Scripting vulnerability Moderate
CVE-2018-12973 was published for net.opentsdb:opentsdb (Maven) May 14, 2022
baserCMS arbitrary file upload vulnerability Moderate
CVE-2018-0571 was published for baserproject/basercms (Composer) May 14, 2022
XSS in baserCMS Moderate
CVE-2018-0570 was published for baserproject/basercms (Composer) May 14, 2022
XSS in baserCMS Moderate
CVE-2018-0574 was published for baserproject/basercms (Composer) May 14, 2022
Sensitive Data Exposure in baserCMS Moderate
CVE-2018-0575 was published for baserproject/basercms (Composer) May 14, 2022
Auth0 angular-jwt misinterprets allowlist as regex Moderate
CVE-2018-11537 was published for angular-jwt (npm) May 14, 2022
Jenkins Badge Plugin cross-site scripting vulnerability Moderate
CVE-2018-1000604 was published for org.jenkins-ci.plugins:badge (Maven) May 14, 2022
Arbitrary file write vulnerability in Jenkins Fortify CloudScan Plugin Moderate
CVE-2018-1000607 was published for org.jenkins-ci.plugins:fortify-cloudscan-jenkins-plugin (Maven) May 14, 2022
Cloud Foundry UAA open redirect Moderate
CVE-2018-11041 was published for org.cloudfoundry.identity:cloudfoundry-identity-server (Maven) May 14, 2022
sunSUNQ Credited to sunSUNQ
URLTrigger Plugin server-side request forgery vulnerability Moderate
CVE-2018-1000606 was published for org.jenkins-ci.plugins:urltrigger (Maven) May 14, 2022
westonsteimel Credited to westonsteimel
Jenkins Configuration as Code Plugin vulnerable to Exposure of Sensitive Information Moderate
CVE-2018-1000609 was published for io.jenkins:configuration-as-code (Maven) May 14, 2022
Angular Redactor XSS Vulnerability Moderate
CVE-2018-13339 was published for angular-redactor (npm) May 14, 2022
xapian-core Cross-site Scripting vulnerability Moderate
CVE-2018-0499 was published for xapian-core (RubyGems) May 14, 2022
Galaxy cross-site scripting (XSS) Moderate
CVE-2018-1000516 was published for galaxy-app (pip) May 14, 2022
Improper Certificate Validation in Microsoft .NET Framework components Moderate
CVE-2018-8356 was published for System.Private.ServiceModel (NuGet) May 14, 2022
florelis Credited to florelis and skofman1 skofman1 skofman1
Jenkins AWS CodeDeploy Plugin has Insufficiently Protected Credentials Moderate
CVE-2018-1000402 was published for com.amazonaws:codedeploy (Maven) May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database