Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

110 advisories

Loading
Improper Restriction of Operations within the Bounds of a Memory Buffer in Google TensorFlow High
CVE-2018-8825 was published for tensorflow (pip) Apr 24, 2019
tdunlap607
Improper Restriction of XML External Entity Reference in python-docx High
CVE-2016-5851 was published for python-docx (pip) May 13, 2022
tdunlap607
XML External Entity Injection in PyWPS High
CVE-2021-39371 was published for pywps (pip) Sep 2, 2021
tdunlap607
PyKMIP Denial of service vulnerability High
CVE-2018-1000872 was published for pykmip (pip) Dec 21, 2018
tdunlap607
PyOpenSSL Use-After-Free vulnerability High
CVE-2018-1000807 was published for pyopenssl (pip) Oct 10, 2018
tdunlap607
Potential infinite loop in Pillow High
CVE-2021-28676 was published for Pillow (pip) Jun 8, 2021
tdunlap607
Plone Code Injection vulnerability High
CVE-2012-5488 was published for Plone (pip) May 17, 2022
tdunlap607
Out of bounds read in Pillow High
CVE-2021-25291 was published for Pillow (pip) Mar 29, 2021
tdunlap607 sunSUNQ
Flask is vulnerable to Denial of Service via incorrect encoding of JSON data High
CVE-2018-1000656 was published for flask (pip) Aug 23, 2018
tdunlap607
GitPython vulnerable to Remote Code Execution due to improper user input validation High
CVE-2022-24439 was published for GitPython (pip) Dec 6, 2022
ad-m-ss tdunlap607
Django Access Control Bypass possibly leading to SSRF, RFI, and LFI attacks High
CVE-2021-33571 was published for Django (pip) Jun 10, 2021
tdunlap607
Infinite Loop in Django High
CVE-2022-23833 was published for Django (pip) Feb 4, 2022
tdunlap607 MarkLee131
Path Traversal in Django High
CVE-2021-31542 was published for Django (pip) Jun 4, 2021
tdunlap607
Uncontrolled Memory Consumption in Django High
CVE-2019-6975 was published for Django (pip) Feb 12, 2019
tdunlap607
Information disclosure in Django High
CVE-2021-45116 was published for Django (pip) Jan 12, 2022
tdunlap607
Incorrect Default Permissions in Cobbler High
CVE-2021-45083 was published for cobbler (pip) Feb 21, 2022
tdunlap607
Pylons Colander Denial of Service vulnerability High
CVE-2017-18361 was published for colander (pip) Feb 7, 2019
tdunlap607
Aubio is vulnerable to a NULL pointer dereference in new_aubio_notes function High
CVE-2018-19802 was published for aubio (pip) Jul 26, 2019
tdunlap607
Arches vulnerable to execution of arbitrary SQL High
CVE-2022-41892 was published for arches (pip) Nov 11, 2022
sylwia-budzynska tdunlap607
Duplicate Advisory: gosaml2 is vulnerable to NULL Pointer Dereference from malformed XML signatures High
GHSA-gq5r-cc4w-g8xf was published for github.com/russellhaering/gosaml2 (Go) Jun 23, 2021 withdrawn
tdunlap607
Improper handling of case sensitivity in Spring Framework High
CVE-2022-22968 was published for org.springframework:spring-context (Maven) Apr 15, 2022
tdunlap607 amita-seal
SunBK201
Next.js Directory Traversal Vulnerability High
CVE-2017-16877 was published for next (npm) Dec 5, 2017
tdunlap607
Array size is not checked in sized-chunks High
CVE-2020-25792 was published for sized-chunks (Rust) Aug 25, 2021
tdunlap607
Stored XSS vulnerability on Bounce Management Callback High
CVE-2021-27910 was published for mautic/core (Composer) Sep 1, 2021
tdunlap607
Remote Code Execution in SyliusResourceBundle High
CVE-2020-15143 was published for sylius/resource-bundle (Composer) Aug 19, 2020
isometriks tdunlap607
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database