Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,652
Erlang
34
GitHub Actions
26
Go
2,257
Maven
5,000+
npm
3,909
NuGet
704
pip
3,680
Pub
12
RubyGems
915
Rust
943
Swift
38
Unreviewed advisories
All unreviewed
5,000+

239 advisories

Loading
Topydo Improper Input Validation vulnerability High
CVE-2018-1000523 was published for topydo (pip) Sep 13, 2018
Moderate severity vulnerability that affects mailman Moderate
CVE-2018-13796 was published for mailman (pip) Sep 11, 2018
Ansible fails to properly mark lookup-plugin results as unsafe Critical
CVE-2017-7481 was published for ansible (pip) Sep 6, 2018
Flask is vulnerable to Denial of Service via incorrect encoding of JSON data High
CVE-2018-1000656 was published for flask (pip) Aug 23, 2018
tdunlap607
PyCA Cryptography vulnerable to GCM tag forgery High
CVE-2018-10903 was published for cryptography (pip) Jul 31, 2018
Mitmweb in mitmproxy allows DNS Rebinding attacks Critical
CVE-2018-14505 was published for mitmproxy (pip) Jul 31, 2018
Session manipulation in Django Moderate
CVE-2011-4136 was published for Django (pip) Jul 23, 2018
MarkLee131
Improper date handling in Django Moderate
CVE-2010-4535 was published for Django (pip) Jul 23, 2018
MarkLee131
Improper query string handling in Django High
CVE-2010-4534 was published for Django (pip) Jul 23, 2018
MarkLee131
Plone Denial of Service vulnerability High
CVE-2011-4462 was published for Plone (pip) Jul 23, 2018
Django-piston and Django-tastypie do not properly deserialize YAML data Critical
CVE-2011-4103 was published for django-piston (pip) Jul 23, 2018
feedparser denial of service vulnerability High
CVE-2011-1156 was published for feedparser (pip) Jul 23, 2018
cfscrape Improper Input Validation vulnerability High
CVE-2017-7235 was published for cfscrape (pip) Jul 13, 2018
FedMsg not properly completing message validation High
CVE-2017-1000001 was published for FedMsg (pip) Jul 13, 2018
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database