Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,941
Erlang
29
GitHub Actions
16
Go
1,722
Maven
4,952
npm
3,481
NuGet
605
pip
3,049
Pub
10
RubyGems
832
Rust
778
Swift
34
Unreviewed advisories
All unreviewed
5,000+

9 advisories

The image module in Drupal 7.x before 7.14 does not properly check permissions when caching... Moderate Unreviewed
CVE-2012-1591 was published May 17, 2022
SimpleGeo python-oauth2 vulnerable to the use of Insufficiently Random Values to generate nonces Low
CVE-2013-4347 was published for oauth2 (pip) May 17, 2022
SimpleGeo python-oauth2 does not check the nonce allowing replay attacks Moderate
CVE-2013-4346 was published for oauth2 (pip) May 17, 2022
The default configuration of OpenSSH through 6.1 enforces a fixed time limit between establishing... Moderate Unreviewed
CVE-2010-5107 was published May 17, 2022
Stack-based buffer overflow in libpixman, as used in Pale Moon before 15.4 and possibly other... High Unreviewed
CVE-2013-1591 was published May 14, 2022
Multiple cross-site scripting (XSS) vulnerabilities in the make_variant_list function in... Low Unreviewed
CVE-2012-2687 was published May 13, 2022
Remote web-service operation execution in Apache CXF High
CVE-2012-3451 was published for org.apache.cxf:cxf (Maven) May 13, 2022
sunSUNQ
Apache Tomcat affected by vulnerability in TLS and SSL protocol Moderate
CVE-2009-3555 was published for org.apache.tomcat:tomcat (Maven) May 2, 2022
MarkLee131 sunSUNQ
Cross-site scripting (XSS) vulnerability in the mod_negotiation module in the Apache HTTP Server... Moderate Unreviewed
CVE-2008-0455 was published May 1, 2022
ProTip! Advisories are also available from the GraphQL API