GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
30
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,681
NuGet
650
pip
3,299
Pub
11
RubyGems
878
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
113 advisories
Filter by severity
Improper query string handling in Django
Moderate
CVE-2010-4534
was published
for
Django
(pip)
Jul 23, 2018
Moderate severity vulnerability that affects mailman
Moderate
CVE-2018-13796
was published
for
mailman
(pip)
Sep 11, 2018
Improper Input Validation in ansible
Moderate
CVE-2016-8647
was published
for
ansible
(pip)
Oct 10, 2018
python-gnupg vulnerable to shell injection
Moderate
CVE-2014-1929
was published
for
python-gnupg
(pip)
Nov 6, 2018
Moderate severity vulnerability that affects python-gnupg
Moderate
CVE-2014-1928
was published
for
python-gnupg
(pip)
Nov 6, 2018
Improper Input Validation in Django
Moderate
CVE-2019-3498
was published
for
Django
(pip)
Jan 14, 2019
Denial of Service in Tensorflow
Moderate
CVE-2020-15194
was published
for
tensorflow
(pip)
Sep 25, 2020
Denial of Service in Tensorflow
Moderate
CVE-2020-15199
was published
for
tensorflow
(pip)
Sep 25, 2020
Undefined behavior in Tensorflow
Moderate
CVE-2020-15191
was published
for
tensorflow
(pip)
Sep 25, 2020
Denial of Service in Tensorflow
Moderate
CVE-2020-15197
was published
for
tensorflow
(pip)
Sep 25, 2020
Heap buffer overflow in Tensorflow
Moderate
CVE-2020-15201
was published
for
tensorflow
(pip)
Sep 25, 2020
Segmentation fault in tensorflow-lite
Moderate
CVE-2020-15210
was published
for
tensorflow
(pip)
Sep 25, 2020
Cross-site Scripting (XSS) in Django REST Framework
Moderate
CVE-2020-25626
was published
for
djangorestframework
(pip)
Mar 19, 2021
Denial of service (via resource exhaustion) due to improper input validation on groups/communities endpoints
Moderate
CVE-2021-21393
was published
for
matrix-synapse
(pip)
Apr 13, 2021
Denial of service (via resource exhaustion) due to improper input validation on third-party identifier endpoints
Moderate
CVE-2021-21394
was published
for
matrix-synapse
(pip)
Apr 13, 2021
Sydent DoS (via resource exhaustion) due to improper input validation
Moderate
CVE-2021-29433
was published
for
matrix-sydent
(pip)
Apr 16, 2021
SSRF in Sydent due to missing validation of hostnames
Moderate
CVE-2021-29431
was published
for
matrix-sydent
(pip)
Apr 19, 2021
Malicious users could abuse Sydent to control the content of invitation emails
Moderate
CVE-2021-29432
was published
for
matrix-sydent
(pip)
Apr 19, 2021
Externally Controlled Reference to a Resource in Another Sphere, Improper Input Validation, and External Control of File Name or Path in Ansible
Moderate
CVE-2019-14905
was published
for
ansible
(pip)
Apr 20, 2021
ProTip!
Advisories are also available from the
GraphQL API