GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,620 advisories
MoinMoin Multiple cross-site scripting (XSS) vulnerabilities
Moderate | CVE-2008-0781 was published for moin (pip) | May 1, 2022

Improper privilege management in pyftpdlib
Moderate | CVE-2007-6741 was published for pyftpdlib (pip) | May 1, 2022

Improper Authentication in pyftpdlib
Moderate | CVE-2007-6737 was published for pyftpdlib (pip) | May 1, 2022

Directory Traversal in pyftpdlib
Moderate | CVE-2007-6736 was published for pyftpdlib (pip) | May 1, 2022

FTP backend for Duplicity Discloses Passwords to Process Listing
Moderate | CVE-2007-5201 was published for duplicity (pip) | May 1, 2022

MoinMoin Improper ACL handling for calendars and includes
Moderate | CVE-2007-2637 was published for moin (pip) | May 1, 2022

Trac Cross-site Scripting (XSS) vulnerability
Moderate | CVE-2007-1405 was published for trac (pip) | May 1, 2022

Trac missing Content-Disposition HTTP header
Moderate | CVE-2007-1406 was published for trac (pip) | May 1, 2022

MoinMoin Insertion of Sensitive Information into Log File
Moderate | CVE-2007-0902 was published for moin (pip) | May 1, 2022

MoinMoin Cross-Site Scripting (XSS) vulnerability via hitcounts and general parameters
Moderate | CVE-2007-0901 was published for Moin (pip) | May 1, 2022

MoinMoin Multiple cross-site scripting (XSS) vulnerabilities
Moderate | CVE-2007-0857 was published for moin (pip) | May 1, 2022

Zope allows remote attackers to read arbitrary files
Moderate | CVE-2006-4684 was published for zope2 (pip) | May 1, 2022

Plone allows a user to masquerade as a group
Moderate | CVE-2006-4249 was published for Plone (pip) | May 1, 2022

Libextractor multiple heap-based buffer overflows
Moderate | CVE-2006-2458 was published for extractor (pip) | May 1, 2022

Plone allows remote users to modify arbitrary portraits
Moderate | CVE-2006-1711 was published for plone (pip) | May 1, 2022

Trac HTML WikiProcessor cross-site scripting (XSS) vulnerability
Moderate | CVE-2005-4644 was published for trac (pip) | May 1, 2022

Zope Server vulnerable to DoS via header injection
Moderate | CVE-2002-0687 was published for zope (pip) | Apr 30, 2022

Zope allows attackers to modify raw image and file data
Moderate | CVE-2000-1212 was published for zope (pip) | Apr 30, 2022

Roundup Directory traversal vulnerability
Moderate | CVE-2004-1444 was published for Roundup (pip) | Apr 29, 2022

mailman Cross-site scripting (XSS) vulnerability
Moderate | CVE-2004-1177 was published for mailman (pip) | Apr 29, 2022

Mailman Sensitive Information Disclosure
Moderate | CVE-2004-0412 was published for mailman (pip) | Apr 29, 2022

Mailman Cross-site scripting (XSS) vulnerability
Moderate | CVE-2003-0038 was published for mailman (pip) | Apr 29, 2022

Potential Captcha Validate Bypass in flask-session-captcha
Moderate | CVE-2022-24880 was published for flask-session-captcha (pip) | Apr 26, 2022

Multiple cross-site scripting (XSS) vulnerabilities in Roundup
Moderate | CVE-2012-6133 was published for roundup (pip) | Apr 23, 2022

ProTip! Advisories are also available from the GraphQL API.