Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,029
Erlang
29
GitHub Actions
16
Go
1,832
Maven
5,000+
npm
3,573
NuGet
632
pip
3,158
Pub
10
RubyGems
847
Rust
797
Swift
34
Unreviewed advisories
All unreviewed
5,000+

286 advisories

Loading
Buffer overflow in deprecated USB HALs and stack overflow in USB enumeration Low
GHSA-f366-4rvv-95x2 was published for cryptoauthlib (pip) Oct 2, 2020
personnummer/python vulnerable to Improper Input Validation Low
GHSA-rxq3-5249-8hgg was published for personnummer (pip) Sep 9, 2020
Path Traversal in openapi-python-client Low
CVE-2020-15141 was published for openapi-python-client (pip) Aug 20, 2020
pawamoy emann
Timing attack on django-basic-auth-ip-whitelist Low
CVE-2020-4071 was published for django-basic-auth-ip-whitelist (pip) Jun 23, 2020
thibaudcolas
CRLF injection in httplib2 Low
CVE-2020-11078 was published for httplib2 (pip) May 20, 2020
Ciyfly
Pillow Temporary file name leakage Low
CVE-2014-1933 was published for Pillow (pip) May 18, 2020
Incorrect Provision of Specified Functionality in qutebrowser Low
CVE-2020-11054 was published for qutebrowser (pip) May 8, 2020
The-Compiler
Vyper interfaces returning integer types less than 256 bits can be manipulated if uint256 is used Low
GHSA-mr6r-mvw4-736g was published for vyper (pip) Mar 25, 2020
montyly
Session key exposure through session list in Django User Sessions Low
CVE-2020-5224 was published for django-user-sessions (pip) Jan 24, 2020
Heap buffer overflow in `UnsortedSegmentSum` in TensorFlow Low
CVE-2019-16778 was published for tensorflow (pip) Dec 16, 2019
Low severity vulnerability that affects Plone Low
CVE-2011-1949 was published for Plone (pip) Jul 23, 2018
ProTip! Advisories are also available from the GraphQL API