GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
11 advisories
jQuery-Upload-File XSS in fileNameStr
Moderate
CVE-2021-37504
was published
for
jquery-file-upload
(npm)
Feb 26, 2022
Roundup xml-rpc server improper check of property permissions
Moderate
CVE-2008-1475
was published
for
roundup
(pip)
May 1, 2022
Roundup vulnerability related to Cross-site scripting (XSS)
Moderate
CVE-2008-1474
was published
for
roundup
(pip)
May 1, 2022
Buildbot Cross-site scripting (XSS) vulnerability
Moderate
CVE-2009-2959
was published
for
buildbot
(pip)
May 2, 2022
Buildbot vulnerable to cross-site scripting
Moderate
CVE-2009-2967
was published
for
buildbot
(pip)
May 2, 2022
MoinMoin Exposure of Sensitive Disclosure when GATEWAY_INTERFACE variable is set
Moderate
CVE-2010-0667
was published
for
moin
(pip)
May 2, 2022
jplayer Cross Site Scripting vulnerability
Moderate
CVE-2013-2022
was published
for
jplayer
(npm)
May 17, 2022
MediaWiki makeCollapsible allows applying event handler to any CSS selector
Moderate
CVE-2020-10960
was published
for
mediawiki/core
(Composer)
May 24, 2022
Nomad ACL Policies without Label are Applied to Unexpected Resources
Moderate
CVE-2023-3072
was published
for
github.com/hashicorp/nomad
(Go)
Jul 20, 2023
Nomad Search API Leaks Information About CSI Plugins
Moderate
CVE-2023-3300
was published
for
github.com/hashicorp/nomad
(Go)
Jul 20, 2023
ProTip!
Advisories are also available from the
GraphQL API