GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,967
Erlang
29
GitHub Actions
16
Go
1,748
Maven
4,978
npm
3,509
NuGet
609
pip
3,075
Pub
10
RubyGems
832
Rust
781
Swift
34
Unreviewed advisories
All unreviewed
5,000+
3,075 advisories
Filter by severity
Cross-site Scripting in django-js-reverse
Moderate
CVE-2019-15486
was published
for
django-js-reverse
(pip)
Aug 27, 2019
Cross-site scripting in recommender-xblock
Moderate
CVE-2018-20858
was published
for
recommender-xblock
(pip)
Aug 21, 2019
Pallets Werkzeug Insufficient Entropy
High
CVE-2019-14806
was published
for
werkzeug
(pip)
Aug 21, 2019
Undirectional routing wasn't respected in some cases in Mitogen
Critical
CVE-2019-15149
was published
for
mitogen
(pip)
Aug 19, 2019
•
withdrawn
Improper Certificate Validation in Twisted
High
CVE-2019-12855
was published
for
twisted
(pip)
Aug 16, 2019
Django Denial-of-service in strip_tags()
High
CVE-2019-14233
was published
for
django
(pip)
Aug 6, 2019
Django Denial-of-service in django.utils.text.Truncator
High
CVE-2019-14232
was published
for
django
(pip)
Aug 6, 2019
Exposure of Sensitive Information to an Unauthorized Actor in ansible
Moderate
CVE-2019-10156
was published
for
ansible
(pip)
Jul 31, 2019
python-engineio vulnerable to Cross-Site Request Forgery (CSRF)
High
CVE-2019-13611
was published
for
python-engineio
(pip)
Jul 30, 2019
aubio Buffer Overflow vulnerability
Critical
CVE-2018-19800
was published
for
aubio
(pip)
Jul 26, 2019
Aubio is vulnerable to a NULL pointer dereference in new_aubio_notes function
High
CVE-2018-19802
was published
for
aubio
(pip)
Jul 26, 2019
Aubio is vulnerable to a NULL pointer dereference in new_aubio_filterbank
High
CVE-2018-19801
was published
for
aubio
(pip)
Jul 26, 2019
Improper Restriction of XML External Entity Reference in ladon
Critical
CVE-2019-1010268
was published
for
ladon
(pip)
Jul 26, 2019
Pallets Project Flask is vulnerable to Denial of Service via Unexpected memory usage
High
CVE-2019-1010083
was published
for
flask
(pip)
Jul 19, 2019
XML Injection in python-libnmap
High
CVE-2019-1010017
was published
for
python-libnmap
(pip)
Jul 18, 2019
Cross-site Scripting in invenio-communities
Moderate
CVE-2019-1020005
was published
for
invenio-communities
(pip)
Jul 16, 2019
Cross-site Scripting in invenio-previewer
Moderate
CVE-2019-1020019
was published
for
invenio-previewer
(pip)
Jul 16, 2019
Cross-site scripting invenio-records
Moderate
CVE-2019-1020003
was published
for
invenio-records
(pip)
Jul 16, 2019
Moderate severity vulnerability that affects invenio-app
Moderate
CVE-2019-1020006
was published
for
invenio-app
(pip)
Jul 16, 2019
Python-saml allows manipulation of SAML data without invalidation of cryptographic signature
High
CVE-2017-11427
was published
for
python-saml
(pip)
Jul 5, 2019
ProTip!
Advisories are also available from the
GraphQL API