GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,108
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,664
NuGet
642
pip
3,266
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+
20,228 advisories
Filter by severity
Publify vulnerable to DoS attack
High
CVE-2014-3211
was published
for
publify_core
(RubyGems)
May 17, 2022
ovirt-engine-sdk-python improper validation of hostname in x.509 certificate
High
CVE-2014-0161
was published
for
ovirt-engine-sdk-python
(pip)
May 17, 2022
JBoss KeyCloak Open Redirect
Moderate
CVE-2014-3652
was published
for
org.keycloak:keycloak-services
(Maven)
May 17, 2022
JBoss KeyCloak Cross-site Scripting Vulnerability
Moderate
CVE-2014-3656
was published
for
org.keycloak:keycloak-core
(Maven)
May 17, 2022
openshift-origin-node Improper Input Validation vulnerability
Moderate
CVE-2014-0084
was published
for
openshift-origin-node
(RubyGems)
May 17, 2022
JBoss KeyCloak is vulnerable to soft token deletion via CSRF
Moderate
CVE-2014-3655
was published
for
org.keycloak:keycloak-services
(Maven)
May 17, 2022
MoinMoin improper access control on the included page for the rst parser
Moderate
CVE-2008-6548
was published
for
moin
(pip)
May 17, 2022
MoinMoin Denial of Service vulnerability via password_checker function
Moderate
CVE-2008-6549
was published
for
moin
(pip)
May 17, 2022
Apache Struts is vulnerable to Cross-site Scripting
Moderate
CVE-2008-6682
was published
for
org.apache.struts:struts2-core
(Maven)
May 17, 2022
Apache Struts directory traversal vulnerability
Moderate
CVE-2008-6505
was published
for
org.apache.struts:struts2-core
(Maven)
May 17, 2022
PartialBufferOutputStream2 flush issues
Moderate
CVE-2008-7227
was published
for
org.geoserver.web:gs-web-app
(Maven)
May 17, 2022
•
withdrawn
Apache MyFaces Cross-site Scripting vulnerability
Moderate
CVE-2010-2086
was published
for
org.apache.myfaces.core:myfaces-core-module
(Maven)
May 17, 2022
Dojo Open Redirect vulnerability
Moderate
CVE-2010-2274
was published
for
org.dojotoolkit:dojo
(Maven)
May 17, 2022
Plone Cross-site Scripting vulnerability in PortalTransforms
Moderate
CVE-2010-2422
was published
for
Plone
(pip)
May 17, 2022
HTML Purifier Cross-site Scripting (XSS) vulnerability
Moderate
CVE-2010-2479
was published
for
ezyang/htmlpurifier
(Composer)
May 17, 2022
Improper Restriction of Operations within the Bounds of a Memory Buffer in python-cjson
Moderate
CVE-2010-1666
was published
for
python-cjson
(pip)
May 17, 2022
MoinMoin cross-site scripting (XSS) vulnerability
Moderate
CVE-2010-2970
was published
for
Moin
(pip)
May 17, 2022
MoinMoin cross-site scripting (XSS) vulnerability
Moderate
CVE-2010-2969
was published
for
moin
(pip)
May 17, 2022
MoinMoin Cross-site Scripting (XSS) vulnerability
Moderate
CVE-2010-2487
was published
for
moin
(pip)
May 17, 2022
Mako contains Cross-site Scripting vulnerability
Moderate
CVE-2010-2480
was published
for
mako
(pip)
May 17, 2022
Zope Denial of Service (DoS) vulnerability in ZServer
Moderate
CVE-2010-3198
was published
for
Zope
(pip)
May 17, 2022
Drupal cross-site scripting vulnerability via actions feature and trigger module
Low
CVE-2010-3094
was published
for
drupal/drupal
(Composer)
May 17, 2022
Concurrent Execution using Shared Resource with Improper Synchronization in pyftpdlib
Moderate
CVE-2010-3494
was published
for
pyftpdlib
(pip)
May 17, 2022
Improper Authentication in pyftpdlib
High
CVE-2008-7263
was published
for
pyftpdlib
(pip)
May 17, 2022
Directory traversal in pyftpdlib
Moderate
CVE-2008-7262
was published
for
pyftpdlib
(pip)
May 17, 2022
ProTip!
Advisories are also available from the
GraphQL API