GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
228 advisories
FedMsg not properly completing message validation
Severity: High. CVE-2017-1000001 was published for FedMsg (pip) on Jul 13, 2018.

cfscrape Improper Input Validation vulnerability
Severity: High. CVE-2017-7235 was published for cfscrape (pip) on Jul 13, 2018.

feedparser denial of service vulnerability
Severity: High. CVE-2011-1156 was published for feedparser (pip) on Jul 23, 2018.

Django-piston and Django-tastypie do not properly deserialize YAML data
Severity: Critical. CVE-2011-4103 was published for django-piston (pip) on Jul 23, 2018.

Improper query string handling in Django
Severity: Moderate. CVE-2010-4534 was published for Django (pip) on Jul 23, 2018.

Mitmweb in mitmproxy allows DNS Rebinding attacks
Severity: Critical. CVE-2018-14505 was published for mitmproxy (pip) on Jul 31, 2018.

PyCA Cryptography vulnerable to GCM tag forgery
Severity: High. CVE-2018-10903 was published for cryptography (pip) on Jul 31, 2018.

Flask is vulnerable to Denial of Service via incorrect encoding of JSON data
Severity: High. CVE-2018-1000656 was published for flask (pip) on Aug 23, 2018.

Ansible fails to properly mark lookup-plugin results as unsafe
Severity: Critical. CVE-2017-7481 was published for ansible (pip) on Sep 6, 2018.

Moderate severity vulnerability that affects mailman
Severity: Moderate. CVE-2018-13796 was published for mailman (pip) on Sep 11, 2018.

Topydo Improper Input Validation vulnerability
Severity: High. CVE-2018-1000523 was published for topydo (pip) on Sep 13, 2018.

Ansible is vulnerable to an improper input validation in Ansible's handling of data sent from client systems
Severity: High. CVE-2016-9587 was published for ansible (pip) on Oct 10, 2018.

Improper Input Validation in ansible
Severity: Moderate. CVE-2016-8647 was published for ansible (pip) on Oct 10, 2018.

Improper Input Validation in kdcproxy
Severity: High. CVE-2015-5159 was published for kdcproxy (pip) on Nov 1, 2018.

python-gnupg vulnerable to shell injection
Severity: Moderate. CVE-2014-1929 was published for python-gnupg (pip) on Nov 6, 2018.

Moderate severity vulnerability that affects python-gnupg
Severity: Moderate. CVE-2014-1928 was published for python-gnupg (pip) on Nov 6, 2018.

High severity vulnerability that affects python-gnupg
Severity: High. CVE-2014-1927 was published for python-gnupg (pip) on Nov 6, 2018.

Bleach URI Scheme Restriction Bypass
Severity: Critical. CVE-2018-7753 was published for bleach (pip) on Jan 4, 2019.

privacyIDEA Improper Input Validation vulnerability
Severity: High. CVE-2018-1000809 was published for privacyIDEA (pip) on Jan 14, 2019.

Improper Input Validation in Django
Severity: Moderate. CVE-2019-3498 was published for Django (pip) on Jan 14, 2019.

modulemd uses an unsafe function for processing externally provided data
Severity: Critical. CVE-2017-1002157 was published for modulemd (pip) on Jan 17, 2019.

Improper Input Validation in Apache Airflow resulting in Remote Code Execution
Severity: High. CVE-2017-15720 was published for apache-airflow (pip) on Jan 25, 2019.

ProTip! Advisories are also available from the GraphQL API.