GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,620 advisories
Ansible Logs Passwords If PowerShell ScriptBlock is Enabled
Moderate, CVE-2018-16859 was published for ansible (pip), May 14, 2022
Improper Neutralization of Input During Web Page Generation in Jupyter Notebook
Moderate, CVE-2019-9644 was published for jupyter-notebook (pip), May 14, 2022
OpenStack Nova VMware instance leak potentially leading to compute DoS
Moderate, CVE-2014-8333 was published for nova (pip), May 14, 2022
Improper Link Resolution Before File Access in Suds
Moderate, CVE-2013-2217 was published for suds (pip), May 14, 2022
Python RSA allows attackers to spoof signatures
Moderate, CVE-2016-1494 was published for rsa (pip), May 14, 2022
web2py exposure of sensitive information
Moderate, CVE-2016-3954 was published for web2py (pip), May 14, 2022
keycloak-httpd-client-install symlink attack vulnerability
Moderate, CVE-2017-15111 was published for keycloak-httpd-client-install (pip), May 14, 2022
MapProxy vulnerable to cross-site scripting in demo service
Moderate, CVE-2017-1000426 was published for MapProxy (pip), May 13, 2022
Withdrawn Advisory: Pulp Improper Path Parsing
Moderate, CVE-2018-10917 was published for pulpcore (pip), May 13, 2022 (withdrawn)
OpenStack Nova Filter Scheduler Bypass
Moderate, CVE-2017-16239 was published for nova (pip), May 13, 2022
OpenStack tripleo-heat-templates unauthenticated file access
Moderate, CVE-2017-12155 was published for tripleo-heat-templates (pip), May 13, 2022
Tryton Information Disclosure Vulnerability
Moderate, CVE-2017-0360 was published for trytond (pip), May 13, 2022
Bodhi Cross-site Scripting Vulnerability
Moderate, CVE-2017-1002152 was published for bodhi (pip), May 13, 2022
OpenStack Neutron vulnerable to eavesdropping on private traffic
Moderate, CVE-2018-14636 was published for neutron (pip), May 13, 2022
Improper Neutralization of Input During Web Page Generation in IPython
Moderate, CVE-2015-4707 was published for ipython (pip), May 13, 2022
sosreport sensitive information disclosure via weak permissions of the generated archives
Moderate, CVE-2015-3171 was published for sosreport (pip), May 13, 2022
SleekXMPP and Slixmpp Incorrect Implementation of Message Carbons
Moderate, CVE-2017-5591 was published for SleekXMPP (pip), May 13, 2022
Kallithea cross-site scripting (XSS) vulnerability
Moderate, CVE-2015-1864 was published for Kallithea (pip), May 13, 2022
OpenStack Identity Keystone Improper Privilege Management
Moderate, CVE-2014-0204 was published for keystone (pip), May 13, 2022
OpenStack Keystone Logs Passwords
Moderate, CVE-2015-3646 was published for keystone (pip), May 13, 2022
OpenStack Identity Keystone Exposure of Sensitive Information
Moderate, CVE-2014-3621 was published for keystone (pip), May 13, 2022
OpenStack Identity (Keystone) Denial of Service
Moderate, CVE-2013-2014 was published for keystone (pip), May 13, 2022
OpenStack Identity Keystone is vulnerable to Block delegation escalation of privilege
Moderate, CVE-2014-3476 was published for keystone (pip), May 13, 2022
ProTip! Advisories are also available from the GraphQL API.