GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,620 advisories
OpenStack Compute (Nova) Improper Access Control
Moderate. CVE-2015-2687 was published for nova (pip) on May 17, 2022

Openstack DBaaS (Trove) Improper Link Resolution Before File Access
Moderate. CVE-2015-3156 was published for trove (pip) on May 17, 2022

OpenStack Horizon Cross-site scripting (XSS) vulnerability
Moderate. CVE-2012-2094 was published for horizon (pip) on May 17, 2022

OpenStack Horizon Session Fixation
Moderate. CVE-2012-2144 was published for horizon (pip) on May 17, 2022

PyCrypto makes Use of Insufficiently Random Values
Moderate. CVE-2012-2417 was published for PyCrypto (pip) on May 17, 2022

OpenStack Compute (Nova) Improper Input Validation
Moderate. CVE-2012-2654 was published for nova (pip) on May 17, 2022

OpenStack Keystone does not invalidate existing tokens when granting or revoking roles
Moderate. CVE-2012-4413 was published for keystone (pip) on May 17, 2022

OpenStack Glance arbitrary deletion of non-protected images
Moderate. CVE-2012-4573 was published for glance (pip) on May 17, 2022

OpenStack Glance arbitrary deletion of non-protected images
Moderate. CVE-2012-5482 was published for glance (pip) on May 17, 2022

Tweepy does not verify SSL Certificate
Moderate. CVE-2012-5825 was published for tweepy (pip) on May 17, 2022

Roundup Cross-site Scripting (XSS) vulnerability
Moderate. CVE-2012-6130 was published for roundup (pip) on May 17, 2022

Roundup Cross-site Scripting (XSS) vulnerability
Moderate. CVE-2012-6132 was published for roundup (pip) on May 17, 2022

Roundup Cross-site scripting (XSS) vulnerability
Moderate. CVE-2012-6131 was published for roundup (pip) on May 17, 2022

OpenStack Identity (Keystone) improper revoking of the authentication token when deleting a user
Moderate. CVE-2013-2059 was published for keystone (pip) on May 17, 2022

Django cross-site scripting (XSS) vulnerability in the AdminURLFieldWidget widget
Moderate. CVE-2013-4249 was published for django (pip) on May 17, 2022

OpenStack Swift metadata constraints are not correctly enforced
Moderate. CVE-2014-7960 was published for swift (pip) on May 17, 2022

Improper Neutralization of Input During Web Page Generation in IPython
Moderate. CVE-2015-4706 was published for ipython (pip) on May 17, 2022

Django denial of service via empty session record creation
Moderate. CVE-2015-5963 was published for Django (pip) on May 17, 2022

Plone Cross-site Scripting Vulnerability
Moderate. CVE-2015-7316 was published for Plone (pip) on May 17, 2022

salt leaks git usernames and passwords to the log
Moderate. CVE-2015-6918 was published for salt (pip) on May 17, 2022

Cross-site Scripting in Mistune
Moderate. CVE-2017-15612 was published for mistune (pip) on May 17, 2022

Django cross-site scripting (XSS) vulnerability via is_safe_url function
Moderate. CVE-2013-6044 was published for Django (pip) on May 17, 2022

lxml Cross-site Scripting Via Control Characters
Moderate. CVE-2014-3146 was published for lxml (pip) on May 14, 2022

OpenStack Swift Unauthorized delete of versioned Swift object
Moderate. CVE-2015-1856 was published for swift (pip) on May 14, 2022

ProTip! Advisories are also available from the GraphQL API