GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 19,736
Composer 4,029
Erlang 29
GitHub Actions 16
Go 1,832
Maven 5,045
npm 3,573
NuGet 632
pip 3,158
Pub 10
RubyGems 847
Rust 797
Swift 34

Unreviewed advisories

All unreviewed 224,761

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

1,464 advisories

Filter by severity

Sort by

Least recently updated

Improper Input Validation in Django Moderate

CVE-2019-3498 was published for django (pip) Jan 14, 2019

Django vulnerable to XSS on 500 pages Moderate

CVE-2017-12794 was published for django (pip) Jan 4, 2019

Django Open redirect and possible XSS attack via user-supplied numeric redirect URLs Moderate

CVE-2017-7233 was published for django (pip) Jan 4, 2019

Django open redirect Moderate

CVE-2017-7234 was published for django (pip) Jan 4, 2019

Django Denial-of-service possibility in urlize and urlizetrunc template filters Moderate

CVE-2018-7536 was published for django (pip) Jan 4, 2019

Django Denial-of-service possibility in truncatechars_html and truncatewords_html template filters Moderate

CVE-2018-7537 was published for django (pip) Jan 4, 2019

mistune Cross-site scripting (XSS) vulnerability Moderate

CVE-2017-16876 was published for mistune (pip) Jan 4, 2019

Plone Open Redirect Moderate

CVE-2017-1000484 was published for plone (pip) Jan 4, 2019

Moderate severity vulnerability that affects moin Moderate

CVE-2017-5934 was published for moin (pip) Jan 4, 2019

PyKMIP Denial of service vulnerability Moderate

CVE-2018-1000872 was published for pykmip (pip) Dec 21, 2018

aiohttp-session creates non-expiring sessions Moderate

CVE-2018-1000814 was published for aiohttp-session (pip) Dec 20, 2018

Cross site scripting in flask-admin Moderate

CVE-2018-16516 was published for flask-admin (pip) Dec 19, 2018

Session Fixation in Tryton Moderate

CVE-2018-19443 was published for tryton (pip) Nov 29, 2018

Jupyter Notebook XSS via directory name Moderate

CVE-2018-19352 was published for notebook (pip) Nov 21, 2018

Jupyter Notebook XSS via untrusted notebooks Moderate

CVE-2018-19351 was published for notebook (pip) Nov 21, 2018

Moderate severity vulnerability that affects python-gnupg Moderate

CVE-2014-1928 was published for python-gnupg (pip) Nov 6, 2018

python-gnupg vulnerable to shell injection Moderate

CVE-2014-1929 was published for python-gnupg (pip) Nov 6, 2018

Ansible does not verify that the server hostname matches a domain name in certificates Moderate

CVE-2015-3908 was published for ansible (pip) Oct 10, 2018

Improper Input Validation in ansible Moderate

CVE-2016-8647 was published for ansible (pip) Oct 10, 2018

Ansible exposes sensitive data in log files and on the terminal Moderate

CVE-2018-10855 was published for ansible (pip) Oct 10, 2018

In marshmallow library the schema "only" option treats an empty list as implying no "only" option Moderate

CVE-2018-17175 was published for marshmallow (pip) Oct 10, 2018

Pyopenssl Incorrect Memory Management Moderate

CVE-2018-1000808 was published for pyopenssl (pip) Oct 10, 2018

Django open redirect Moderate

CVE-2018-14574 was published for django (pip) Oct 4, 2018

Django allows unprivileged users to read the password hashes of arbitrary accounts Moderate

CVE-2018-16984 was published for django (pip) Oct 3, 2018

Qutebrowser XSS Vulnerability Moderate

CVE-2018-1000559 was published for qutebrowser (pip) Sep 13, 2018

Previous 1 2 … 55 56 57 58 59 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,464 advisories