GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,508 advisories
Reddit Terminal Viewer (RTV) vulnerable to argument injection attacks
High | CVE-2017-17516 was published for rtv (pip) | May 14, 2022

OpenStack Cinder, Glance, and Nova contain Uncontrolled Resource Consumption
High | CVE-2015-5162 was published for cinder (pip) | May 14, 2022

Django Might Allow CSRF Requests via URL Verification
High | CVE-2011-4138 was published for Django (pip) | May 14, 2022

uWSGI Directory Traversal vulnerability
High | CVE-2018-7490 was published for uWSGI (pip) | May 14, 2022

OISF suricata-update unsafely deserializes YAML data
High | CVE-2018-1000167 was published for suricata-update (pip) | May 14, 2022

Tryton vulnerable to arbitrary command execution
High | CVE-2014-6633 was published for tryton (pip) | May 14, 2022

tlslite remote denial of service vulnerability
High | CVE-2015-3220 was published for tlslite (pip) | May 14, 2022

Salt vulnerable to Improper Certificate Validation
High | CVE-2015-4017 was published for salt (pip) | May 14, 2022

Aubio is vulnerable to denial of service via aubio_source_avcodec_readframe function
High | CVE-2018-14521 was published for aubio (pip) | May 14, 2022

Plone Open Redirection vulnerability via next parameter
High | CVE-2013-4200 was published for Plone (pip) | May 14, 2022

OpenStack Neutron allows remote attackers to bypass an intended DHCP-spoofing protection mechanism
High | CVE-2016-5362 was published for neutron (pip) | May 14, 2022

python-glanceclient vulnerable to SSL server spoofing due to unverified X.509 certificate
High | CVE-2013-4111 was published for python-glanceclient (pip) | May 14, 2022

python-bugzilla has improper validation of X.509 certificates
High | CVE-2013-2191 was published for python-bugzilla (pip) | May 14, 2022

OpenStack Swift Unchecked user input in XML responses
High | CVE-2013-2161 was published for swift (pip) | May 14, 2022

Improper Link Resolution Before File Access in logilab-commons
High | CVE-2014-1838 was published for logilab-common (pip) | May 14, 2022

Mercurial arbitrary code execution vulnerability
High | CVE-2016-3630 was published for mercurial (pip) | May 14, 2022

Mercurial vulnerable to arbitrary code execution via a crafted name when converting a Git repository
High | CVE-2016-3069 was published for mercurial (pip) | May 14, 2022

ProTip! Advisories are also available from the GraphQL API