GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
112,833 advisories
Cross-Site Scripting (XSS) in Verdaccio
Moderate
CVE-2019-14772
was published
for
verdaccio
(npm)
May 29, 2019
Use of insecure jQuery version in OctoberCMS
Moderate
GHSA-v73w-r9xg-7cr9
was published
for
october/october
(Composer)
Jun 5, 2020
Malicious package may avoid detection in python auditing
Moderate
CVE-2020-5252
was published
for
safety
(pip)
Mar 24, 2020
CSRF and DNS Rebinding in Oasis
Moderate
CVE-2020-11003
was published
for
@fraction/oasis
(npm)
Apr 16, 2020
Cross-Site Scripting in SVG Sanitizer
Moderate
CVE-2020-11070
was published
for
t3g/svg-sanitizer
(Composer)
May 13, 2020
ProTip!
Advisories are also available from the
GraphQL API