Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,164
Erlang
30
GitHub Actions
19
Go
1,973
Maven
5,000+
npm
3,695
NuGet
654
pip
3,312
Pub
11
RubyGems
881
Rust
831
Swift
35
Unreviewed advisories
All unreviewed
5,000+

2,636 advisories

Loading
actionview Cross-site Scripting vulnerability Moderate
CVE-2016-6316 was published for actionview (RubyGems) Oct 24, 2017
jQuery-UI vulnerable to Cross-site Scripting in dialog closeText Moderate
CVE-2016-7103 was published for jQuery.UI.Combined (RubyGems) Oct 24, 2017
Cross Site Scripting (XSS) in plotly.js Moderate
CVE-2017-1000006 was published for plotly.js (npm) Oct 24, 2017
Cross-Site Scripting in serve-index Moderate
CVE-2015-8856 was published for serve-index (npm) Oct 24, 2017
tdunlap607
actionpack Cross-site Scripting vulnerability Moderate
CVE-2013-6416 was published for actionpack (RubyGems) Oct 24, 2017
Rails vulnerable to Cross-site Scripting Moderate
CVE-2014-0081 was published for actionpack (RubyGems) Oct 24, 2017
rails-html-sanitizer Cross-site Scripting vulnerability Moderate
CVE-2015-7580 was published for rails-html-sanitizer (RubyGems) Oct 24, 2017
activesupport Cross-site Scripting vulnerability Moderate
CVE-2015-3226 was published for activesupport (RubyGems) Oct 24, 2017
actionpack vulnerable to Cross-site Scripting Moderate
CVE-2013-6415 was published for actionpack (RubyGems) Oct 24, 2017
rack-ssl Cross-site Scripting vulnerability Moderate
CVE-2014-2538 was published for rack-ssl (RubyGems) Oct 24, 2017
rails-html-sanitizer Cross-site Scripting vulnerability Moderate
CVE-2015-7578 was published for rails-html-sanitizer (RubyGems) Oct 24, 2017
will_paginate Cross-site Scripting vulnerability Moderate
CVE-2013-6459 was published for will_paginate (RubyGems) Oct 24, 2017
paperclip Cross-site Scripting vulnerability Moderate
CVE-2015-2963 was published for paperclip (RubyGems) Oct 24, 2017
VBScript Content Injection in marked Moderate
CVE-2015-1370 was published for marked (npm) Oct 24, 2017
Moderate severity vulnerability that affects validator Moderate
CVE-2013-7452 was published for validator (npm) Oct 24, 2017
Moderate severity vulnerability that affects validator Moderate
CVE-2013-7451 was published for validator (npm) Oct 24, 2017
Moderate severity vulnerability that affects validator Moderate
CVE-2013-7453 was published for validator (npm) Oct 24, 2017
Multiple XSS Filter Bypasses in validator Moderate
CVE-2013-7454 was published for validator (npm) Oct 24, 2017
rails-html-sanitizer Cross-site Scripting vulnerability Moderate
CVE-2015-7579 was published for rails-html-sanitizer (RubyGems) Oct 24, 2017
RedCloth Cross-site Scripting vulnerability Moderate
CVE-2012-6684 was published for redcloth (RubyGems) Oct 24, 2017
oliverchang
i18n gem Cross-site Scripting vulnerability Moderate
CVE-2013-4492 was published for i18n (RubyGems) Oct 24, 2017
RDoc contains XSS vulnerability Moderate
CVE-2013-0256 was published for rdoc (RubyGems) Oct 24, 2017
jquery-ui Tooltip widget vulnerable to XSS Moderate
CVE-2012-6662 was published for jQuery.UI.Combined (RubyGems) Oct 24, 2017
activesupport Cross-site Scripting vulnerability Moderate
CVE-2012-3464 was published for activesupport (RubyGems) Oct 24, 2017
tdunlap607
actionpack Cross-site Scripting vulnerability Moderate
CVE-2012-3463 was published for actionpack (RubyGems) Oct 24, 2017
ShayAry
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database