Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
37
GitHub Actions
36
Go
2,500
Maven
5,000+
npm
4,147
NuGet
735
pip
3,948
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,620 advisories

Loading
aptdaemon Information Disclosure via Improper Input Validation in Transaction class Moderate
CVE-2020-15703 was published for aptdaemon (pip) May 24, 2022
Integer overflow in the bundled Brotli C library Moderate
CVE-2020-8927 was published for Microsoft.NETCore.App.Runtime.AOT.linux-x64.Cross.android-arm (NuGet) May 24, 2022
OMERO-web Sensitive Data Exposure Moderate
CVE-2020-7932 was published for omero-web (pip) May 24, 2022
meinheld vulnerable to HTTP Request Smuggling Moderate
CVE-2020-7658 was published for meinheld (pip) May 24, 2022
OpenStack Keystone does not check signature TTL of the EC2 credential auth method Moderate
CVE-2020-12692 was published for keystone (pip) May 24, 2022
python-apt Flawed Package Integrity Check Moderate
CVE-2019-15795 was published for python-apt (pip) May 24, 2022
python-apt Does Not Check Hash Signature Moderate
CVE-2019-15796 was published for python-apt (pip) May 24, 2022
Plone cross site scripting (XSS) Moderate
CVE-2020-7937 was published for Plone (pip) May 24, 2022
Plone Open Redirect Vulnerability Moderate
CVE-2020-7936 was published for Plone (pip) May 24, 2022
FreeIPA logs passwords embedded in commands in calls using batch Moderate
CVE-2019-10195 was published for freeipa (pip) May 24, 2022
Designate does not enforce the DNS protocol limit concerning record set sizes Moderate
CVE-2015-5694 was published for designate (pip) May 24, 2022
Ansible leaks sensitive information to logs when told not to Moderate
CVE-2019-14858 was published for ansible (pip) May 24, 2022
wolfCrypt leaks cryptographic information via timing side channel Moderate
CVE-2019-13628 was published for wolfcrypt (pip) May 24, 2022
Elastic APM agent for Python client CGI proxy redirection flaw Moderate
CVE-2019-7617 was published for elastic-apm (pip) May 24, 2022
Openstack Octavia Access Control Vulnerability Moderate
CVE-2019-3895 was published for octavia (pip) May 24, 2022
PyDio Stored XSS Vulnerability Moderate
CVE-2019-10047 was published for Pydio (pip) May 24, 2022
Capstone SEGV caused by a read memory access Moderate
CVE-2016-7151 was published for capstone (pip) May 24, 2022
Matrix Sydent mishandles emails Moderate
CVE-2019-11340 was published for matrix-sydent (pip) May 24, 2022
Missing validation causes `TensorSummaryV2` to crash Moderate
CVE-2022-29193 was published for tensorflow (pip) May 24, 2022
Regular expression denial of service in url_regex Moderate
CVE-2022-21195 was published for url_regex (pip) May 21, 2022
Ansible Sensitive Files Are Locally Readable Moderate
CVE-2014-4658 was published for ansible (pip) May 17, 2022
Ansible discloses credential information Moderate
CVE-2014-4660 was published for ansible (pip) May 17, 2022
Ansible sets unsafe permissions for sources.list Moderate
CVE-2014-4659 was published for ansible (pip) May 17, 2022
MoinMoin improper access control on the included page for the rst parser Moderate
CVE-2008-6548 was published for moin (pip) May 17, 2022
Plone Cross-site Scripting vulnerability in PortalTransforms Moderate
CVE-2010-2422 was published for Plone (pip) May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database