Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

3,716 advisories

Loading
Cross Site Scripting (XSS) in plotly.js Moderate
CVE-2017-1000006 was published for plotly.js (npm) Oct 24, 2017
Regular Expression Denial of Service in moment Moderate
CVE-2016-4055 was published for moment (npm) Oct 24, 2017
High severity vulnerability that affects electron High
CVE-2016-1202 was published for electron (npm) Oct 24, 2017
Regular Expression Denial of Service in is-my-json-valid High
CVE-2016-2537 was published for is-my-json-valid (npm) Oct 24, 2017
jQuery-UI vulnerable to Cross-site Scripting in dialog closeText Moderate
CVE-2016-7103 was published for jQuery.UI.Combined (RubyGems) Oct 24, 2017
Incorrect Handling of Non-Boolean Comparisons During Minification in uglify-js Critical
CVE-2015-8857 was published for uglifier (RubyGems) Oct 24, 2017
Denial-of-Service Memory Exhaustion in qs High
CVE-2014-7191 was published for qs (npm) Oct 24, 2017
Regular Expression Denial of Service in semver High
CVE-2015-8855 was published for semver (npm) Oct 24, 2017
File Descriptor Leak Can Cause DoS Vulnerability in hapi High
CVE-2014-3742 was published for hapi (npm) Oct 24, 2017
Regular Expression Denial of Service in ms High
CVE-2015-8315 was published for ms (npm) Oct 24, 2017
Root Path Disclosure in send Moderate
CVE-2015-8859 was published for send (npm) Oct 24, 2017
tdunlap607
VBScript Content Injection in marked Moderate
CVE-2015-1370 was published for marked (npm) Oct 24, 2017
CORS Token Disclosure in crumb Moderate
CVE-2014-7193 was published for crumb (npm) Oct 24, 2017
Directory Traversal in geddy High
CVE-2015-5688 was published for geddy (npm) Oct 24, 2017
Symlink Arbitrary File Overwrite in tar High
CVE-2015-8860 was published for tar (npm) Oct 24, 2017
Moderate severity vulnerability that affects validator Moderate
CVE-2013-7451 was published for validator (npm) Oct 24, 2017
Multiple XSS Filter Bypasses in validator Moderate
CVE-2013-7454 was published for validator (npm) Oct 24, 2017
Moderate severity vulnerability that affects validator Moderate
CVE-2013-7453 was published for validator (npm) Oct 24, 2017
Potential for Script Injection in syntax-error High
CVE-2014-7192 was published for syntax-error (npm) Oct 24, 2017
RDIL
Moderate severity vulnerability that affects validator Moderate
CVE-2013-7452 was published for validator (npm) Oct 24, 2017
Cross-Site Scripting in mustache High
CVE-2015-8862 was published for mustache (npm) Oct 24, 2017
SQL Injection in sequelize High
CVE-2015-1369 was published for sequelize (npm) Oct 24, 2017
Directory Traversal in send Low
CVE-2014-6394 was published for send (npm) Oct 24, 2017
Moderate severity vulnerability that affects handlebars Moderate
GHSA-fmr4-7g9q-7hc7 was published for handlebars (npm) Oct 24, 2017 withdrawn
Moderate severity vulnerability that affects validator Moderate
GHSA-9959-c6q6-6qp3 was published for validator (npm) Oct 24, 2017 withdrawn
ProTip! Advisories are also available from the GraphQL API