Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,988
Erlang
29
GitHub Actions
16
Go
1,776
Maven
5,000+
npm
3,542
NuGet
617
pip
3,125
Pub
10
RubyGems
838
Rust
790
Swift
34
Unreviewed advisories
All unreviewed
5,000+

285 advisories

Loading
`CHECK` fail in `TensorListScatter` and `TensorListScatterV2` in eager mode Low
GHSA-xf83-q765-xm6m was published for tensorflow (pip) Nov 21, 2022
rdiffweb vulnerable to Improper Cleanup on Thrown Exception Low
CVE-2022-3301 was published for rdiffweb (pip) Sep 27, 2022
OctoPrint vulnerable to Unrestricted Upload of File with Dangerous Type Low
CVE-2022-2872 was published for OctoPrint (pip) Sep 22, 2022
TensorFlow vulnerable to `CHECK`-fail in `tensorflow::full_type::SubstituteFromAttrs` Low
CVE-2022-36016 was published for tensorflow (pip) Sep 16, 2022
TensorFlow vulnerable to integer overflow in math ops Low
CVE-2022-36015 was published for tensorflow (pip) Sep 16, 2022
Python-TUF vulnerable to incorrect threshold signature computation for new root metadata Low
GHSA-r7vq-6425-j94w was published for tuf (pip) Sep 15, 2022
trishankatdatadog
OctoPrint does not have rate limiting on the login page Low
CVE-2022-2822 was published for OctoPrint (pip) Aug 16, 2022
OpenStack Nova Changing vnic_type breaks compute service restart Low
CVE-2022-37394 was published for nova (pip) Aug 4, 2022
Flask-AppBuilder before v4.1.3 allows inference of sensitive information through query strings Low
CVE-2022-31177 was published for Flask-AppBuilder (pip) Jul 29, 2022
OpenStack Nova can leak consoleauth token into log files Low
CVE-2015-9543 was published for Nova (pip) May 24, 2022
Virtualenv Allows Symlink Attack on /tmp/ Low
CVE-2011-4617 was published for virtualenv (pip) May 17, 2022
OpenStack Nova Scheduler denial of service through scheduler_hints Low
CVE-2012-3371 was published for Nova (pip) May 17, 2022
Python Keyring does not securely initialize encryption cipher Low
CVE-2012-4571 was published for keyring (pip) May 17, 2022
OpenStack Compute (Nova) Resource limit circumvention in Nova private flavors Low
CVE-2013-4278 was published for nova (pip) May 17, 2022
OpenStack Cinder LVMVolumeDriver does not zero deleted snapshots Low
CVE-2013-4183 was published for cinder (pip) May 17, 2022
OpenStack Identity Keystone Privilege Escalation vulnerability Low
CVE-2013-4477 was published for keystone (pip) May 17, 2022
OpenStack Glance sensitive information disclosure via logs Low
CVE-2014-1948 was published for glance (pip) May 17, 2022
Plone Denial of Service vulnerability via decompressing large zip archives Low
CVE-2013-4199 was published for plone (pip) May 17, 2022
Plone is vulnerable to File System Path Exposure Low
CVE-2013-4194 was published for plone (pip) May 17, 2022
OpenStack Nova VMWare driver leaks rescued images Low
CVE-2014-2573 was published for nova (pip) May 17, 2022
Ajenti Cross-site scripting (XSS) vulnerability Low
CVE-2014-2260 was published for ajenti (pip) May 17, 2022
OpenStack Keystone Sensitive information disclosure via log files Low
CVE-2013-2006 was published for keystone (pip) May 17, 2022
OpenStack Nova denial of service through compressed disk images Low
CVE-2013-4463 was published for nova (pip) May 17, 2022
OpenStack Compute (Nova) Denial of service due to improper validation of virtual size of QCOW2 image Low
CVE-2013-4469 was published for nova (pip) May 17, 2022
OpenStack Nova host data leak to vm instance in rescue mode Low
CVE-2014-0134 was published for nova (pip) May 17, 2022
ProTip! Advisories are also available from the GraphQL API