GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

1,511 advisories

Trac reStructuredText breach of privacy and denial of service vulnerability High
CVE-2006-3695 was published for trac (pip) May 1, 2022
CherryPy Directory traversal vulnerability High
CVE-2006-0847 was published for cherrypy (pip) May 1, 2022
Py2Play Unpickles Untrusted Objects High
CVE-2005-2875 was published for Py2Play (pip) May 1, 2022
Cheetah Path Search Order Hijacking High
CVE-2005-1632 was published for cheetah (pip) May 1, 2022
ZCatalog plug-in for Zope allows anonymous users to bypass access restrictions High
CVE-2002-0688 was published for zope (pip) Apr 30, 2022
Zope does not properly verify the access for objects with proxy roles High
CVE-2002-0170 was published for zope (pip) Apr 30, 2022
Zope does not properly perform security registration for legacy names High
CVE-2000-1211 was published for zope (pip) Apr 30, 2022
Zope does not properly restrict access to the getRoles method High
CVE-2000-0725 was published for zope (pip) Apr 30, 2022
Zope DTML implementation Improper Authentication High
CVE-2000-0062 was published for zope (pip) Apr 30, 2022
MoinMoin Improper Privilege Management High
CVE-2004-1463 was published for Moin (pip) Apr 29, 2022
MoinMoin Improper Access Control High
CVE-2004-1462 was published for Moin (pip) Apr 29, 2022
MoinMoin allows administrative access High
CVE-2004-0708 was published for Moin (pip) Apr 29, 2022
Apache Doris hardcoded key and IV High
CVE-2022-23942 was published for pydoris (pip) Apr 27, 2022
trytond Incorrect Authorization vulnerability High
CVE-2012-2238 was published for trytond (pip) Apr 23, 2022
Improper Authentication in django-mfa3 High
CVE-2022-24857 was published for django-mfa3 (pip) Apr 22, 2022
Integer bounds error in Vyper High
CVE-2022-24845 was published for vyper (pip) Apr 22, 2022
Cobbler Web Interface Lacks CSRF Protection High
CVE-2011-4952 was published for cobbler (pip) Apr 22, 2022
Buffer Overflow in vyper High
CVE-2022-24788 was published for vyper (pip) Apr 20, 2022
Sensitive Auth & Cookie data stored in Jupyter server logs High
CVE-2022-24758 was published for notebook (pip) Apr 5, 2022
Incorrect Comparison in Vyper High
GHSA-7vrm-3jc8-5wwm was published for vyper (pip) Apr 4, 2022
Improper Removal of Sensitive Information Before Storage or Transfer in irrd High
CVE-2022-24798 was published for irrd (pip) Apr 1, 2022
Uncontrolled Resource Consumption in Apache DolphinScheduler High
CVE-2022-25598 was published for apache-dolphinscheduler (Maven) Mar 31, 2022
SaltStack Salt Permissions Bypass High
CVE-2022-22941 was published for salt (pip) Mar 30, 2022
SaltStack Improper Verification of Cryptographic Signature High
CVE-2022-22934 was published for salt (pip) Mar 30, 2022
SaltStack Salt Authentication Bypass by Capture-replay High
CVE-2022-22936 was published for salt (pip) Mar 30, 2022