Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

1,213 advisories

Loading
Exposure of Sensitive Information to an Unauthorized Actor in Products.PluggableAuthService ZODBRoleManager High
CVE-2021-21336 was published for Products.PluggableAuthService (pip) Mar 8, 2021
chutchut
botframework-connector vulnerable to Improper Authentication High
GHSA-cqff-fx2x-p86v was published for botframework-connector (pip) Mar 8, 2021
Dynamic modification of RPyC service due to missing security check High
CVE-2019-16328 was published for rpyc (pip) Feb 17, 2021
comrumino
PyCA Cryptography symmetrically encrypting large values can lead to integer overflow High
CVE-2020-36242 was published for cryptography (pip) Feb 10, 2021
Regular Expression Denial of Service (REDoS) in httplib2 High
CVE-2021-21240 was published for httplib2 (pip) Feb 8, 2021
b-c-ds
CSRF can expose users authentication token High
CVE-2021-21241 was published for Flask-Security-Too (pip) Jan 11, 2021
Regular Expression Denial of Service in CairoSVG High
CVE-2021-21236 was published for CairoSVG (pip) Jan 6, 2021
b-c-ds
Denial of service attack via incorrect parameters in Matrix Synapse High
CVE-2020-26257 was published for matrix-synapse (pip) Dec 9, 2020
user-readable api tokens in systemd units for JupyterHub High
CVE-2020-26261 was published for jupyterhub-systemdspawner (pip) Dec 9, 2020
quentinmit
Multiple cryptographic issues in Python oic High
CVE-2020-26244 was published for oic (pip) Dec 4, 2020
F3r0C17Y mladevbb
CheariX
XXE in petl High
CVE-2020-29128 was published for petl (pip) Dec 2, 2020
nvn1729
Base class whitelist configuration ignored in OAuthenticator High
CVE-2020-26250 was published for oauthenticator (pip) Dec 1, 2020
Denial of service attack due to invalid JSON High
CVE-2020-26890 was published for matrix-synapse (pip) Nov 24, 2020
dkasak
Segfault in `tf.quantization.quantize_and_dequantize` High
CVE-2020-15265 was published for tensorflow (pip) Nov 13, 2020
MoinMoin vulnerable to remote code execution via cache action High
CVE-2020-25074 was published for moin (pip) Nov 11, 2020
Update bitlyshortener to >=0.5.0 to prevent generating some invalid short URLs High
GHSA-r82c-j4mq-5xfw was published for bitlyshortener (pip) Oct 27, 2020
Potential DoS with NumberFilter conversion to integer values. High
CVE-2020-15225 was published for django-filter (pip) Sep 28, 2020
Segmentation fault in tensorflow-lite High
CVE-2020-15210 was published for tensorflow (pip) Sep 25, 2020
Null pointer dereference in tensorflow-lite High
CVE-2020-15209 was published for tensorflow (pip) Sep 25, 2020
Data corruption in tensorflow-lite High
CVE-2020-15208 was published for tensorflow (pip) Sep 25, 2020
Denial of Service in Tensorflow High
CVE-2020-15206 was published for tensorflow (pip) Sep 25, 2020
Denial of Service in Tensorflow High
CVE-2020-15203 was published for tensorflow (pip) Sep 25, 2020
Integer truncation in Shard API usage High
CVE-2020-15202 was published for tensorflow (pip) Sep 25, 2020
Segfault in Tensorflow High
CVE-2020-15200 was published for tensorflow (pip) Sep 25, 2020
Memory corruption in Tensorflow High
CVE-2020-15193 was published for tensorflow (pip) Sep 25, 2020
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database