Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,150
NuGet
736
pip
3,952
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,511 advisories

Loading
Plone denial of service via Caching Bypass High
CVE-2012-5498 was published for Plone (pip) May 17, 2022
OpenStack TripleO Heat templates spoof metadata requests High
CVE-2015-5303 was published for tripleo-heat-templates (pip) May 17, 2022
TripleO Heat templates might allow remote attackers to obtain sensitive information from private containers High
CVE-2015-5271 was published for tripleo-heat-templates (pip) May 17, 2022
SimpleGeo python-oauth2 does not check the nonce allowing replay attacks High
CVE-2013-4346 was published for oauth2 (pip) May 17, 2022
PyWBEM TOCTOU vulnerability in certificate validation High
CVE-2013-6418 was published for pywbem (pip) May 17, 2022
OpenStack keystonemiddleware does not verify certificate High
CVE-2014-7144 was published for keystonemiddleware (pip) May 17, 2022
OpenStack Image Service (Glance) allows remote authenticated users to read arbitrary file High
CVE-2015-5163 was published for glance (pip) May 17, 2022
tdunlap607
Django Access Restrictions Bypass High
CVE-2016-2048 was published for django (pip) May 17, 2022
MarkLee131
OpenStack Neutron Intended MAC-spoofing protection mechanism bypass High
CVE-2016-5363 was published for neutron (pip) May 17, 2022
OpenStack Object Storage (Swift) allows remote attackers to cause a denial of service High
CVE-2016-0737 was published for swift (pip) May 17, 2022
OpenStack Object Storage (Swift) allows remote attackers to cause a denial of service High
CVE-2016-0738 was published for swift (pip) May 17, 2022
Django DoS in django.views.static.serve High
CVE-2015-0221 was published for Django (pip) May 17, 2022
sunSUNQ
Django database denial-of-service with ModelMultipleChoiceField High
CVE-2015-0222 was published for Django (pip) May 17, 2022
MarkLee131
OpenStack keystonemiddleware and python-keystoneclient vulnerable to man-in-the-middle attacks High
CVE-2015-1852 was published for keystonemiddleware (pip) May 17, 2022
OpenStack Glance Denial of service by creating a large number of images High
CVE-2014-9684 was published for glance (pip) May 17, 2022
OpenStack Glance Denial of service by creating a large number of images High
CVE-2015-1881 was published for glance (pip) May 17, 2022
Django Reuses Cached CSRF Token High
CVE-2014-0473 was published for Django (pip) May 17, 2022
MarkLee131
Django Vulnerable to MySQL Injection High
CVE-2014-0474 was published for Django (pip) May 17, 2022
bottle.py vulnerable to CRLF Injection High
CVE-2016-9964 was published for bottle (pip) May 17, 2022
flask-oidc Open Redirect vulnerability High
CVE-2016-1000001 was published for flask-oidc (pip) May 17, 2022
Improper input validation in cryptography High
CVE-2016-9243 was published for cryptography (pip) May 17, 2022
jhutchings1
Capstone Integer overflow High
CVE-2017-6952 was published for capstone (pip) May 17, 2022
Pillow Buffer overflow in Jpeg2KEncode.c High
CVE-2016-3076 was published for pillow (pip) May 17, 2022
SaltStack Salt Information Exposure High
CVE-2017-8109 was published for salt (pip) May 17, 2022
PIL and Pillow Vulnerable to Symlink Attack on Tmpfiles High
CVE-2014-1932 was published for pillow (pip) May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database