Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,967
Erlang
29
GitHub Actions
16
Go
1,748
Maven
4,978
npm
3,509
NuGet
609
pip
3,075
Pub
10
RubyGems
832
Rust
781
Swift
34
Unreviewed advisories
All unreviewed
5,000+

3,075 advisories

Loading
Open Redirect in httpie High
CVE-2019-10751 was published for httpie (pip) Aug 27, 2019
Cross-site Scripting in django-js-reverse Moderate
CVE-2019-15486 was published for django-js-reverse (pip) Aug 27, 2019
tdunlap607
NLTK Vulnerable To Path Traversal High
CVE-2019-14751 was published for nltk (pip) Aug 23, 2019
Cross-site scripting in recommender-xblock Moderate
CVE-2018-20858 was published for recommender-xblock (pip) Aug 21, 2019
Pallets Werkzeug Insufficient Entropy High
CVE-2019-14806 was published for werkzeug (pip) Aug 21, 2019
Undirectional routing wasn't respected in some cases in Mitogen Critical
CVE-2019-15149 was published for mitogen (pip) Aug 19, 2019 withdrawn
Improper Certificate Validation in Twisted High
CVE-2019-12855 was published for twisted (pip) Aug 16, 2019
SQL Injection in Django Critical
CVE-2019-14234 was published for django (pip) Aug 16, 2019
Django Denial-of-service in strip_tags() High
CVE-2019-14233 was published for django (pip) Aug 6, 2019
Uncontrolled Recursion in Django High
CVE-2019-14235 was published for django (pip) Aug 6, 2019
Django Denial-of-service in django.utils.text.Truncator High
CVE-2019-14232 was published for django (pip) Aug 6, 2019
Exposure of Sensitive Information to an Unauthorized Actor in ansible Moderate
CVE-2019-10156 was published for ansible (pip) Jul 31, 2019
tdunlap607
python-engineio vulnerable to Cross-Site Request Forgery (CSRF) High
CVE-2019-13611 was published for python-engineio (pip) Jul 30, 2019
aubio Buffer Overflow vulnerability Critical
CVE-2018-19800 was published for aubio (pip) Jul 26, 2019
Aubio is vulnerable to a NULL pointer dereference in new_aubio_notes function High
CVE-2018-19802 was published for aubio (pip) Jul 26, 2019
tdunlap607
Aubio is vulnerable to a NULL pointer dereference in new_aubio_filterbank High
CVE-2018-19801 was published for aubio (pip) Jul 26, 2019
Improper Restriction of XML External Entity Reference in ladon Critical
CVE-2019-1010268 was published for ladon (pip) Jul 26, 2019
Infinite Loop in scapy High
CVE-2019-1010142 was published for scapy (pip) Jul 22, 2019
Pallets Project Flask is vulnerable to Denial of Service via Unexpected memory usage High
CVE-2019-1010083 was published for flask (pip) Jul 19, 2019
Ghcml
XML Injection in python-libnmap High
CVE-2019-1010017 was published for python-libnmap (pip) Jul 18, 2019
Cross-site Scripting in invenio-communities Moderate
CVE-2019-1020005 was published for invenio-communities (pip) Jul 16, 2019
tdunlap607
Cross-site Scripting in invenio-previewer Moderate
CVE-2019-1020019 was published for invenio-previewer (pip) Jul 16, 2019
Cross-site scripting invenio-records Moderate
CVE-2019-1020003 was published for invenio-records (pip) Jul 16, 2019
Moderate severity vulnerability that affects invenio-app Moderate
CVE-2019-1020006 was published for invenio-app (pip) Jul 16, 2019
Python-saml allows manipulation of SAML data without invalidation of cryptographic signature High
CVE-2017-11427 was published for python-saml (pip) Jul 5, 2019
ProTip! Advisories are also available from the GraphQL API