GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License

Language support

About GitHub Advisory Database

460 advisories

High

CVE-2018-20857 was published for samlr (RubyGems) Jul 31, 2019

High

CVE-2019-10742 was published for axios (npm) May 29, 2019

High

CVE-2018-17201 was published for org.apache.sanselan:sanselan (Maven) May 14, 2019

High

CVE-2018-20835 was published for tar-fs (npm) May 1, 2019

High

CVE-2018-7577 was published for tensorflow (pip) Apr 30, 2019

High

CVE-2015-1326 was published for python-dbusmock (pip) Apr 23, 2019

High

CVE-2019-11069 was published for sequelize (npm) Apr 11, 2019

High

CVE-2019-6690 was published for python-gnupg (pip) Mar 25, 2019

High

CVE-2019-0200 was published for org.apache.qpid:apache-qpid-broker-j (Maven) Mar 7, 2019

High

CVE-2017-15720 was published for apache-airflow (pip) Jan 25, 2019

High

CVE-2018-1320 was published for org.apache.thrift:libthrift (Maven) Jan 17, 2019

High

CVE-2019-3498 was published for Django (pip) Jan 14, 2019

High

CVE-2018-1000809 was published for privacyIDEA (pip) Jan 14, 2019

High

CVE-2018-14732 was published for webpack-dev-server (npm) Jan 4, 2019

High

CVE-2014-0050 was published for commons-fileupload:commons-fileupload (Maven) Dec 21, 2018

High

CVE-2016-3092 was published for commons-fileupload:commons-fileupload (Maven) Dec 21, 2018

High

CVE-2018-17194 was published for org.apache.nifi:nifi-framework-cluster (Maven) Dec 20, 2018

High

CVE-2017-16005 was published for http-signature (npm) Nov 9, 2018

High

CVE-2018-16472 was published for cached-path-relative (npm) Nov 7, 2018

High

CVE-2018-1321 was published for org.apache.syncope:syncope-core (Maven) Nov 6, 2018

High

CVE-2014-1927 was published for python-gnupg (pip) Nov 6, 2018

High

CVE-2014-1928 was published for python-gnupg (pip) Nov 6, 2018

High

CVE-2015-5159 was published for kdcproxy (pip) Nov 1, 2018

High

CVE-2017-14063 was published for org.asynchttpclient:async-http-client (Maven) Oct 19, 2018

High

CVE-2018-11776 was published for org.apache.struts:struts2-core (Maven) Oct 18, 2018

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

460 advisories

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

460 advisories

Uh oh!