GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

1,620 advisories

Tahoe-LAFS fails to ensure integrity Moderate
CVE-2012-0051 was published for tahoe-lafs (pip) Apr 23, 2022
Manipulated inline images can cause Infinite Loop in PyPDF2 Moderate
CVE-2022-24859 was published for PyPDF2 (pip) Apr 22, 2022
SVG with embedded scripts can lead to cross-site scripting attacks in xml2rfc Moderate
GHSA-cf4q-4cqr-7g7w was published for xml2rfc (pip) Apr 22, 2022
OpenStack Nova Exposure of Sensitive Information to an Unauthorized Actor Moderate
CVE-2011-4076 was published for nova (pip) Apr 22, 2022
Zope XSS Vulnerability Moderate
CVE-2011-4924 was published for zope (pip) Apr 22, 2022
Mercurial Improper Certificate Validation vulnerability Moderate
CVE-2010-4237 was published for mercurial (pip) Apr 21, 2022
Cross-site scripting in markdown2 for python Moderate
CVE-2009-3724 was published for markdown2 (pip) Apr 21, 2022
westonsteimel
Uncontrolled Resource Consumption in Matrix Synapse Moderate
CVE-2022-41952 was published for matrix-synapse (pip) Apr 1, 2022
Open Redirect in Flask-AppBuilder Moderate
CVE-2022-24776 was published for Flask-AppBuilder (pip) Mar 25, 2022
Exposure of Sensitive Information to an Unauthorized Actor in OpenStack tripleo-heat-templates Moderate
CVE-2021-4180 was published for tripleo-heat-templates (pip) Mar 24, 2022
Incomplete validation in `SparseSparseMinimum` Moderate
CVE-2021-29607 was published for tensorflow (pip) Mar 18, 2022
Command injection in guake Moderate
CVE-2021-23556 was published for guake (pip) Mar 18, 2022
Insertion of Sensitive Information into Log File in ansible Moderate
CVE-2021-20180 was published for ansible (pip) Mar 17, 2022
sugar700
pgAdmin 4 Path Traversal vulnerability Moderate
CVE-2022-0959 was published for pgadmin4 (pip) Mar 17, 2022
XML External Entities Vulnerability in CVRF-CSAF-Converter Moderate
CVE-2022-27193 was published for cvrf2csaf (pip) Mar 16, 2022
Exposure of Sensitive information in httpie Moderate
CVE-2022-0430 was published for httpie (pip) Mar 16, 2022
Path traversal in FreeTAKServer-UI Moderate
CVE-2022-25511 was published for FreeTAKServer-UI (pip) Mar 12, 2022
SQL Injection in FreeTAKServer-UI Moderate
CVE-2022-25506 was published for FreeTAKServer-UI (pip) Mar 12, 2022
Cross-site Scripting in FreeTAKServer-UI Moderate
CVE-2022-25507 was published for FreeTAKServer-UI (pip) Mar 12, 2022
saleor Missing Authorization vulnerability Moderate
CVE-2022-0932 was published for saleor (pip) Mar 12, 2022
Improper Authorization in cobbler Moderate
CVE-2022-0860 was published for cobbler (pip) Mar 11, 2022
ysf
Improper Restriction of XML External Entity Reference in trytond and proteus Moderate
CVE-2022-26661 was published for proteus (pip) Mar 11, 2022
Open Redirect in archivy Moderate
CVE-2022-0697 was published for archivy (pip) Mar 8, 2022
Exposure of Sensitive Information to an Unauthorized Actor in httpie Moderate
CVE-2022-24737 was published for httpie (pip) Mar 7, 2022
Open Redirect in django-spirit Moderate
CVE-2022-0869 was published for django-spirit (pip) Mar 7, 2022