Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,029
Erlang
29
GitHub Actions
16
Go
1,832
Maven
5,000+
npm
3,573
NuGet
632
pip
3,158
Pub
10
RubyGems
847
Rust
797
Swift
34
Unreviewed advisories
All unreviewed
5,000+

3,158 advisories

Loading
Improper Restriction of Operations within the Bounds of a Memory Buffer in Google TensorFlow High
CVE-2018-8825 was published for tensorflow (pip) Apr 24, 2019
tdunlap607
Null pointer dereference in TensorFlow leads to exploitation Moderate
CVE-2018-7576 was published for tensorflow (pip) Apr 24, 2019
Improper Input Validation in python-dbusmock High
CVE-2015-1326 was published for python-dbusmock (pip) Apr 23, 2019
Improper Certificate Validation in urllib3 High
CVE-2019-11324 was published for urllib3 (pip) Apr 19, 2019
tdunlap607
Apache Airflow vulnerable to CSRF Attacks High
CVE-2019-0229 was published for apache-airflow (pip) Apr 18, 2019
SQLAlchemy vulnerable to SQL Injection via order_by parameter Critical
CVE-2019-7164 was published for SQLAlchemy (pip) Apr 16, 2019
SQLAlchemy is vulnerable to SQL Injection via group_by parameter High
CVE-2019-7548 was published for SQLAlchemy (pip) Apr 16, 2019
Ansible Path Traversal vulnerability Moderate
CVE-2019-3828 was published for ansible (pip) Apr 15, 2019
Apache Airflow vulnerable to Stored XSS Moderate
CVE-2019-0216 was published for apache-airflow (pip) Apr 12, 2019
sunSUNQ
Tryton Improper Access Control Moderate
CVE-2019-10868 was published for trytond (pip) Apr 10, 2019
Jinja2 sandbox escape via string formatting High
CVE-2019-10906 was published for Jinja2 (pip) Apr 10, 2019
High severity vulnerability that affects Jinja2 High
CVE-2016-10745 was published for Jinja2 (pip) Apr 10, 2019
Jupyter Notebook open redirect vulnerability Moderate
CVE-2019-10856 was published for notebook (pip) Apr 9, 2019
Moderate severity vulnerability that affects roundup Moderate
CVE-2019-10904 was published for roundup (pip) Apr 9, 2019
CoAPthon DoS due to Exceptions High
CVE-2018-12680 was published for CoAPthon (pip) Apr 8, 2019
CoAPthon3 vulnerable to Deserialization of Untrusted Data High
CVE-2018-12679 was published for CoAPthon3 (pip) Apr 8, 2019
Open Redirect vulnerability in jupyterhub and notebook Moderate
CVE-2019-10255 was published for jupyterhub (pip) Apr 2, 2019
Moderate severity vulnerability that affects splunk-sdk High
CVE-2019-5729 was published for splunk-sdk (pip) Mar 25, 2019
Improper Input Validation python-gnupg High
CVE-2019-6690 was published for python-gnupg (pip) Mar 25, 2019
ipycache is vulnerable to Code Injection Critical
CVE-2019-7539 was published for ipycache (pip) Mar 25, 2019
Webargs mishandles concurrent JSON parsing High
CVE-2019-9710 was published for webargs (pip) Mar 12, 2019
Apache Airflow vulnerable to Stored XSS Moderate
CVE-2018-20244 was published for apache-airflow (pip) Mar 6, 2019
sunSUNQ
Uncontrolled Memory Consumption in Django High
CVE-2019-6975 was published for django (pip) Feb 12, 2019
tdunlap607
Moderate severity vulnerability that affects aioxmpp Moderate
GHSA-32f7-cmr3-vpjv was published for aioxmpp (pip) Feb 7, 2019 withdrawn
Pylons Colander Denial of Service vulnerability High
CVE-2017-18361 was published for colander (pip) Feb 7, 2019
tdunlap607
ProTip! Advisories are also available from the GraphQL API