Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,902
Maven
5,000+
npm
3,631
NuGet
638
pip
3,246
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

123 advisories

Loading
Plone Denial of Service vulnerability Moderate
CVE-2011-4462 was published for Plone (pip) Jul 23, 2018
Improper query string handling in Django Moderate
CVE-2010-4534 was published for Django (pip) Jul 23, 2018
MarkLee131
Improper date handling in Django Moderate
CVE-2010-4535 was published for Django (pip) Jul 23, 2018
MarkLee131
Session manipulation in Django Moderate
CVE-2011-4136 was published for Django (pip) Jul 23, 2018
MarkLee131
Moderate severity vulnerability that affects mailman Moderate
CVE-2018-13796 was published for mailman (pip) Sep 11, 2018
Improper Input Validation in ansible Moderate
CVE-2016-8647 was published for ansible (pip) Oct 10, 2018
python-gnupg vulnerable to shell injection Moderate
CVE-2014-1929 was published for python-gnupg (pip) Nov 6, 2018
Moderate severity vulnerability that affects python-gnupg Moderate
CVE-2014-1928 was published for python-gnupg (pip) Nov 6, 2018
Improper Input Validation in Django Moderate
CVE-2019-3498 was published for django (pip) Jan 14, 2019
Segfault in Tensorflow Moderate
CVE-2020-15190 was published for tensorflow (pip) Sep 25, 2020
Memory leak in Tensorflow Moderate
CVE-2020-15192 was published for tensorflow (pip) Sep 25, 2020
Denial of Service in Tensorflow Moderate
CVE-2020-15194 was published for tensorflow (pip) Sep 25, 2020
Denial of Service in Tensorflow Moderate
CVE-2020-15199 was published for tensorflow (pip) Sep 25, 2020
Undefined behavior in Tensorflow Moderate
CVE-2020-15191 was published for tensorflow (pip) Sep 25, 2020
Denial of Service in Tensorflow Moderate
CVE-2020-15197 was published for tensorflow (pip) Sep 25, 2020
Segfault in Tensorflow Moderate
CVE-2020-15200 was published for tensorflow (pip) Sep 25, 2020
Heap buffer overflow in Tensorflow Moderate
CVE-2020-15201 was published for tensorflow (pip) Sep 25, 2020
Segmentation fault in tensorflow-lite Moderate
CVE-2020-15210 was published for tensorflow (pip) Sep 25, 2020
Memory leak in Nanopb Moderate
CVE-2020-26243 was published for nanopb (pip) Nov 25, 2020
Cross-site Scripting (XSS) in Django REST Framework Moderate
CVE-2020-25626 was published for djangorestframework (pip) Mar 19, 2021
Denial of service (via resource exhaustion) due to improper input validation on groups/communities endpoints Moderate
CVE-2021-21393 was published for matrix-synapse (pip) Apr 13, 2021
Denial of service (via resource exhaustion) due to improper input validation on third-party identifier endpoints Moderate
CVE-2021-21394 was published for matrix-synapse (pip) Apr 13, 2021
Sydent DoS (via resource exhaustion) due to improper input validation Moderate
CVE-2021-29433 was published for matrix-sydent (pip) Apr 16, 2021
Malicious users could abuse Sydent to control the content of invitation emails Moderate
CVE-2021-29432 was published for matrix-sydent (pip) Apr 19, 2021
Externally Controlled Reference to a Resource in Another Sphere, Improper Input Validation, and External Control of File Name or Path in Ansible Moderate
CVE-2019-14905 was published for ansible (pip) Apr 20, 2021
ProTip! Advisories are also available from the GraphQL API