Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,618 advisories

Loading
Sensitive Information in Error Messages in Apache Airflow Moderate
CVE-2023-25695 was published for apache-airflow (pip) Mar 15, 2023
Cross-site Scripting in django-ajax-utilities Moderate
CVE-2017-20182 was published for django-ajax-utilities (pip) Mar 10, 2023
openstack-neutron uncontrolled resource consumption flaw Moderate
CVE-2022-3277 was published for neutron (pip) Mar 7, 2023
Open redirect in web2py Moderate
CVE-2023-22432 was published for web2py (pip) Mar 6, 2023
Saleor has Staff-Authenticated Error Message Information Disclosure Vulnerability via Python Exceptions Moderate
CVE-2023-26051 was published for Saleor (pip) Mar 3, 2023
vantage6 vulnerable to Observable Response Discrepancy Moderate
CVE-2022-39228 was published for vantage6 (pip) Feb 28, 2023
Update share links to use FRP instead of SSH tunneling Moderate
CVE-2023-25823 was published for gradio (pip) Feb 23, 2023
gregsadetsky samueltc
modoboa Cross-site Scripting vulnerability Moderate
CVE-2023-0949 was published for modoboa (pip) Feb 22, 2023
Stored cross site scripting in changedetection.io Moderate
CVE-2023-24769 was published for changedetection.io (pip) Feb 18, 2023
edoardottt
Mayan EDMS DMS XSS vulnerability Moderate
CVE-2022-47419 was published for mayan-edms (pip) Feb 8, 2023
Cipher.update_into can corrupt memory if passed an immutable python object as the outbuf Moderate
CVE-2023-23931 was published for cryptography (pip) Feb 7, 2023
Exposure of Sensitive Information in EVE-SRP Moderate
CVE-2020-36660 was published for EVE-SRP (pip) Feb 6, 2023
OpenZeppelin Contracts contains Improper Verification of Cryptographic Signature Moderate
CVE-2023-23940 was published for openzeppelin-cairo-contracts (pip) Feb 2, 2023
Path traversal in ubi-reader Moderate
CVE-2023-0591 was published for ubi-reader (pip) Jan 31, 2023
qkaiser
Withdrawn: safeurl-python contains Server-Side Request Forgery Moderate
GHSA-rw83-v3pw-m362 was published for safeurl-python (pip) Jan 30, 2023 withdrawn
safeurl-python contains Server-Side Request Forgery Moderate
CVE-2023-24622 was published for safeurl-python (pip) Jan 27, 2023
whoissecure
OpenStack Cinder, glance, and Nova vulnerable to Path Traversal Moderate
CVE-2022-47951 was published for cinder (pip) Jan 27, 2023
Cross-site Scripting in modoboa Moderate
CVE-2023-0470 was published for modoboa (pip) Jan 27, 2023
Cross-site Scripting in pyload-ng Moderate
CVE-2023-0488 was published for pyload-ng (pip) Jan 27, 2023
Cross-site Scripting in modoboa Moderate
CVE-2023-0519 was published for modoboa (pip) Jan 27, 2023
Path traversal in spotipy Moderate
CVE-2023-23608 was published for spotipy (pip) Jan 23, 2023
Shaderbug
Cross-Site Request Forgery in modoboa Moderate
CVE-2023-0438 was published for modoboa (pip) Jan 23, 2023
Improper Input Validation in pyload-ng Moderate
CVE-2023-0434 was published for pyload-ng (pip) Jan 22, 2023
Cross-Site Request Forgery in modoboa Moderate
CVE-2023-0406 was published for modoboa (pip) Jan 19, 2023
Modoboa is vulnerable to Cross-Site Request Forgery Moderate
CVE-2023-0398 was published for modoboa (pip) Jan 19, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database