Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
22
Go
2,095
Maven
5,000+
npm
3,760
NuGet
678
pip
3,446
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+

522 advisories

Loading
Stored XSS in Apache Atlas Moderate
CVE-2019-10070 was published for org.apache.atlas:apache-atlas (Maven) Jan 8, 2020
The SafeHtml annotation in Hibernate-Validator does not properly guard against XSS attacks Moderate
CVE-2019-10219 was published for org.hibernate.validator:hibernate-validator (Maven) Jan 8, 2020
SunBK201
Unescaped exception messages in error responses in Jetty Moderate
CVE-2019-17632 was published for org.eclipse.jetty:jetty-server (Maven) Dec 2, 2019
XSS issues in the management interface Moderate
CVE-2019-13236 was published for org.opencms:opencms-core (Maven) Nov 12, 2019
XSS in login form Moderate
CVE-2019-13235 was published for org.opencms:opencms-core (Maven) Nov 12, 2019
XSS in search engine Moderate
CVE-2019-13234 was published for org.opencms:opencms-core (Maven) Nov 12, 2019
Cross-site scripting in Apache JSPWiki Moderate
CVE-2019-12404 was published for org.apache.jspwiki:jspwiki-war (Maven) Oct 11, 2019
Cross-site scripting in Apache JSPWiki Moderate
CVE-2019-10089 was published for org.apache.jspwiki:jspwiki-war (Maven) Oct 11, 2019
Cross-site scripting in Apache JSPWiki Moderate
CVE-2019-10087 was published for org.apache.jspwiki:jspwiki-war (Maven) Oct 11, 2019
Cross-site scripting in Apache JSPWiki Moderate
CVE-2019-10090 was published for org.apache.jspwiki:jspwiki-war (Maven) Oct 11, 2019
Cross-site scripting in Sakai Moderate
CVE-2019-16148 was published for org.sakaiproject:chat-base (Maven) Sep 23, 2019
Cross-site Scripting in Jooby Moderate
CVE-2019-15477 was published for org.jooby:jooby (Maven) Aug 27, 2019
Cross-site Scripting in Ignite Realtime Openfire Moderate
CVE-2019-15488 was published for org.igniterealtime.openfire:xmppserver (Maven) Aug 27, 2019
Cross-site scripting in Apache Ranger Moderate
CVE-2019-12397 was published for org.apache.ranger:ranger (Maven) Aug 16, 2019
Cross-site Scripting in HAPI FHIR Moderate
CVE-2019-12741 was published for ca.uhn.hapi.fhir:hapi-fhir-base (Maven) Jun 7, 2019
Cross-site Scriptin in JSPWiki Moderate
CVE-2019-10078 was published for org.apache.jspwiki:jspwiki-main (Maven) Jun 6, 2019
Cross-site Scripting in JSPWiki Moderate
CVE-2019-10077 was published for org.apache.jspwiki:jspwiki-main (Maven) Jun 6, 2019
Cross-Site Scripting in JSPWiki Moderate
CVE-2019-10076 was published for org.apache.jspwiki:jspwiki-main (Maven) Jun 6, 2019
Cross-site scripting in Apache Tomcat Moderate
CVE-2019-0221 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) May 30, 2019
sunSUNQ
Cross-site Scripting in Apache UIMA Moderate
CVE-2018-8035 was published for org.apache.uima:uima-ducc-web (Maven) May 14, 2019
Cross-site scripting in Apache Archiva Moderate
CVE-2019-0213 was published for org.apache.archiva:archiva (Maven) May 14, 2019
XSS in jQuery as used in Drupal, Backdrop CMS, and other products Moderate
CVE-2019-11358 was published for django (RubyGems) Apr 26, 2019
klaudialax eoftedal
Rudloff
Cross-site Scripting in Apache Zeppelin Moderate
CVE-2018-1328 was published for org.apache.zeppelin:zeppelin (Maven) Apr 24, 2019
Cross-site Scripting in Eclipse Jetty Moderate
CVE-2019-10241 was published for org.eclipse.jetty:jetty-server (Maven) Apr 23, 2019
Moderate severity vulnerability that affects org.apache.jspwiki:jspwiki-main Moderate
CVE-2019-0224 was published for org.apache.jspwiki:jspwiki-main (Maven) Apr 2, 2019
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database