GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
113 advisories
PyOpenSSL Use-After-Free vulnerability
High
CVE-2018-1000807
was published
for
pyopenssl
(pip)
Oct 10, 2018
Flask is vulnerable to Denial of Service via incorrect encoding of JSON data
High
CVE-2018-1000656
was published
for
flask
(pip)
Aug 23, 2018
redcarpet Buffer Overflow vulnerability
High
CVE-2015-5147
was published
for
redcarpet
(RubyGems)
Aug 15, 2018
Regular Expression Denial of Service in charset
High
CVE-2017-16098
was published
for
charset
(npm)
Aug 9, 2018
Regular Expression Denial of Service in tough-cookie
High
CVE-2017-15010
was published
for
tough-cookie
(npm)
Jul 24, 2018
mime Regular Expression Denial of Service when MIME lookup performed on untrusted user input
High
CVE-2017-16138
was published
for
mime
(npm)
Jul 20, 2018
Regular Expression Denial of Service in moment
High
CVE-2017-18214
was published
for
moment
(npm)
Mar 5, 2018
Next.js Directory Traversal Vulnerability
High
CVE-2017-16877
was published
for
next
(npm)
Dec 5, 2017
yajl-ruby gem Denial of Service vulnerability
High
CVE-2017-16516
was published
for
yajl-ruby
(RubyGems)
Nov 28, 2017
activerecord vulnerable to SQL Injection
High
CVE-2011-0448
was published
for
activerecord
(RubyGems)
Oct 24, 2017
Improper Input Validation in multi_xml
High
CVE-2013-0175
was published
for
multi_xml
(RubyGems)
Oct 24, 2017
nori contains Improper Input Validation
High
CVE-2013-0285
was published
for
nori
(RubyGems)
Oct 24, 2017
ProTip!
Advisories are also available from the
GraphQL API