GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,620 advisories
OpenStack Dashboard (aka Horizon) vulnerable to Cross-site Scripting
Moderate. CVE-2014-0157 was published for horizon (pip), May 14, 2022
Django cross-site scripting (XSS) attack via user-supplied redirect URLs
Moderate. CVE-2015-2317 was published for Django (pip), May 14, 2022
simplejson before 2.6.1 vulnerable to array index error
Moderate. CVE-2014-4616 was published for simplejson (pip), May 14, 2022
Improper Neutralization of Input During Web Page Generation in Jupyter Notebook
Moderate. CVE-2015-6938 was published for ipython (pip), May 14, 2022
Ansible Arbitrary File Overwrite Vulnerability
Moderate. CVE-2013-4260 was published for ansible (pip), May 14, 2022
OpenStack Nova Long server names grow nova-api log files significantly
Moderate. CVE-2012-1585 was published for nova (pip), May 14, 2022
OpenStack Nova Denial of Service in network source security groups
Moderate. CVE-2013-4185 was published for nova (pip), May 14, 2022
OpenStack Compute (Nova) Exposure of Sensitive Information to an Unauthorized Actor vulnerability
Moderate. CVE-2014-3517 was published for nova (pip), May 14, 2022
OpenStack Nova Multiple directory traversal vulnerabilities
Moderate. CVE-2011-4596 was published for nova (pip), May 14, 2022
OpenStack Keystone Token authorization for a user in a disabled tenant is allowed
Moderate. CVE-2012-4457 was published for Keystone (pip), May 14, 2022
OpenStack Compute (Nova) allows remote authenticated users to obtain sensitive information
Moderate. CVE-2013-2256 was published for nova (pip), May 14, 2022
OpenStack Compute (Nova) allows remote attackers to bypass intended restriction
Moderate. CVE-2015-7713 was published for nova (pip), May 14, 2022
OpenStack Nova Potential Xen connection password leak via StorageError
Moderate. CVE-2015-8749 was published for nova (pip), May 14, 2022
OpenStack Cinder Denial of Service using XML entities
Moderate. CVE-2013-4202 was published for cinder (pip), May 14, 2022
OpenStack Nova instance migration process does not stop when instance is deleted
Moderate. CVE-2015-3241 was published for nova (pip), May 14, 2022
OpenStack Nova DoS through ephemeral disk backing files
Moderate. CVE-2013-6437 was published for nova (pip), May 14, 2022
OpenStack Compute (Nova)'s VMWare driver vulnerable to denial of service
Moderate. CVE-2014-3608 was published for nova (pip), May 14, 2022
OpenStack Compute (Nova) Denial of Service vulnerability
Moderate. CVE-2014-3708 was published for nova (pip), May 14, 2022
OpenStack Compute (Nova) has Insufficient Verification of Data Authenticity
Moderate. CVE-2015-0259 was published for nova (pip), May 14, 2022
OpenStack Compute (nova) allows remote authenticated users to cause a denial of service
Moderate. CVE-2015-3280 was published for nova (pip), May 14, 2022
OpenStack Nova host data access through resize/migration
Moderate. CVE-2016-2140 was published for nova (pip), May 14, 2022
Ajenti Cross-site Scripting Via Filename
Moderate. CVE-2018-18548 was published for ajenti (pip), May 14, 2022
httplib2 incorrectly checks SSL certificate
Moderate. CVE-2013-2037 was published for httplib2 (pip), May 14, 2022
trytond arbitrary fields write via a sequence of records
Moderate. CVE-2015-0861 was published for trytond (pip), May 14, 2022
OpenStack Glance v2 API unrestricted path traversal through filesystem:// scheme
Moderate. CVE-2015-1195 was published for glance (pip), May 14, 2022
ProTip! Advisories are also available from the GraphQL API