GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

1,451 advisories

Cross-site scripting in Plone Moderate
CVE-2021-33513 was published for Plone (pip) Jun 8, 2021
Plone's authenticated users able to alter their password despite of policy definition Moderate
CVE-2013-4198 was published for Plone (pip) May 17, 2022
Plone is vulnerable to information exposure via the object manager implementation Moderate
CVE-2013-4196 was published for plone (pip) May 17, 2022
Plone Open Redirect Moderate
CVE-2017-1000484 was published for Plone (pip) Jan 4, 2019
Plone vulnerable to cross-site scripting Moderate
CVE-2013-4190 was published for plone (pip) May 17, 2022
Plone has stored XSS in folder contents Moderate
CVE-2021-35959 was published for plone (pip) May 24, 2022
Cross-site scripting in Products.CMFCore, Products.PluggableAuthService, Plone Moderate
CVE-2021-33507 was published for Plone (pip) Jun 18, 2021
Server-Side Request Forgery in Plone Moderate
CVE-2021-33510 was published for Plone (pip) Jun 15, 2021
Cross-site scripting in Plone Moderate
CVE-2021-33508 was published for Plone (pip) Jun 8, 2021
Plone cross site scripting (XSS) Moderate
CVE-2020-7937 was published for Plone (pip) May 24, 2022
Plone Open Redirect Vulnerability Moderate
CVE-2020-7936 was published for Plone (pip) May 24, 2022
Plone Cross-site Scripting Vulnerability Moderate
CVE-2015-7316 was published for Plone (pip) May 17, 2022
Plone vulnerable to Cross-site Scripting Moderate
CVE-2016-7140 was published for Plone (pip) May 14, 2022
Plone XSS Moderate
CVE-2016-7138 was published for plone (pip) May 14, 2022
Plone Sandbox Escape Moderate
CVE-2017-5524 was published for Plone (pip) Jul 12, 2018
OpenCanary Executes Commands From Potentially Writable Config File Moderate
CVE-2024-48911 was published for OpenCanary (pip) Oct 14, 2024
0x0L0RD DavidBakerEffendi
AndreiDreyer
Plone XSS in Zope ZMI Moderate
CVE-2016-7147 was published for plone (pip) May 17, 2022
Plone vulnerable to unauthorized disclosure of site content Moderate
CVE-2016-4042 was published for Plone (pip) May 17, 2022
Chameleon in Plone allows Authentication Bypass Moderate
CVE-2016-4043 was published for Plone (pip) May 17, 2022
Plone is vulnerable to File System Path Exposure Moderate
CVE-2013-4194 was published for plone (pip) May 17, 2022
Plone vulnerable to filesystem information leak Moderate
CVE-2016-7135 was published for Plone (pip) May 14, 2022
Products.CMFPlone XSS in profile home_page property Moderate
CVE-2017-1000482 was published for Plone (pip) May 14, 2022
Plone Zope cross-site scripting (XSS) vulnerability Moderate
CVE-2013-7062 was published for plone (pip) May 5, 2022
Plone vulnerable to privilege escalation in WebDAV Moderate
CVE-2016-4041 was published for Plone (pip) May 17, 2022
Exiv2 has a denial of service due to unbounded recursion in QuickTimeVideo::multipleEntriesDecoder Moderate
CVE-2024-25112 was published for exiv2 (pip) Oct 17, 2024
westonsteimel