Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

91 advisories

Loading
django-sendfile2 before 0.7.0 contains reflected file download vulnerability High
GHSA-pcjh-6r5h-r92r was published for django-sendfile2 (pip) Aug 11, 2022
moggers87 sergei-maertens
Incomplete validation in MKL requantization High
CVE-2021-37665 was published for tensorflow (pip) Aug 25, 2021
Incomplete validation in `QuantizeV2` High
CVE-2021-37663 was published for tensorflow (pip) Aug 25, 2021
Apache Airflow Google Provider Improper Input Validation vulnerability High
CVE-2023-25692 was published for apache-airflow-providers-google (pip) Feb 24, 2023
Apache Airflow Spark Provider vulnerable to improper input validation High
CVE-2023-28710 was published for apache-airflow-providers-apache-spark (pip) Apr 7, 2023
Topydo Improper Input Validation vulnerability High
CVE-2018-1000523 was published for topydo (pip) Sep 13, 2018
WASM3 Improper Input Validation vulnerability High
CVE-2022-39974 was published for pywasm3 (pip) Sep 21, 2022
Improper Input Validation python-gnupg High
CVE-2019-6690 was published for python-gnupg (pip) Mar 25, 2019
Matrix Synapse DoS High
CVE-2018-10657 was published for matrix-synapse (pip) May 14, 2022
Withdrawn Advisory: OnionShare Predictable Pathname High
CVE-2018-19960 was published for onionshare-cli (pip) May 14, 2022 withdrawn
Apache Airflow Apache Hive Provider Improper Input Validation vulnerability High
CVE-2023-37415 was published for apache-airflow-providers-apache-hive (pip) Jul 13, 2023
PDM Trojan Lockfile High
CVE-2023-45805 was published for pdm (pip) Oct 20, 2023
wayphinder
Airflow Sqoop Provider RCE Vulnerability High
CVE-2023-27604 was published for apache-airflow-providers-apache-sqoop (pip) Aug 28, 2023
Apache Airflow Spark Provider Improper Input Validation vulnerability High
CVE-2023-40272 was published for apache-airflow-providers-apache-spark (pip) Aug 17, 2023
Apache Airflow JDBC Provider Improper Input Validation vulnerability High
CVE-2023-22886 was published for apache-airflow-providers-jdbc (pip) Jun 29, 2023
Potentially untrusted input is rendered as HTML in final output High
CVE-2024-26151 was published for mjml (pip) Feb 22, 2024
sh-at-cs
Remote Code Execution Vulnerability in Microsoft Django Backend for SQL Server High
CVE-2024-26164 was published for mssql-django (pip) Mar 12, 2024
MLFlow improper input validation High
CVE-2024-37061 was published for mlflow (pip) Jun 4, 2024
Local file inclusion in gradio High
CVE-2024-4941 was published for gradio (pip) Jun 6, 2024
Apache Avro Java SDK vulnerable to Improper Input Validation High
CVE-2023-39410 was published for avro (Maven) Sep 29, 2023
Weave server API vulnerable to arbitrary file leak High
CVE-2024-7340 was published for weave (pip) Jul 31, 2024
ansible-runner vulnerable to shell command injection High
CVE-2021-4041 was published for ansible-runner (pip) Aug 25, 2022
Ansible Arbitrary Code Execution High
CVE-2014-3498 was published for ansible (pip) May 14, 2022
Ansible Arbitrary Code Execution High
CVE-2017-7466 was published for ansible (pip) May 13, 2022
Ansible is vulnerable to an improper input validation in Ansible's handling of data sent from client systems High
CVE-2016-9587 was published for ansible (pip) Oct 10, 2018
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database