Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,980
Erlang
29
GitHub Actions
16
Go
1,769
Maven
4,994
npm
3,540
NuGet
616
pip
3,110
Pub
10
RubyGems
837
Rust
787
Swift
34
Unreviewed advisories
All unreviewed
5,000+

19 advisories

Loading
High severity vulnerability that affects python-gnupg High
CVE-2013-7323 was published for python-gnupg (pip) Nov 6, 2018
High severity vulnerability that affects python-gnupg High
CVE-2014-1927 was published for python-gnupg (pip) Nov 6, 2018
Python Twisted trustRoot is not respected in HTTP client High
CVE-2014-7143 was published for twisted (pip) Dec 17, 2019
MoinMoin Improper Access Control vulnerability High
CVE-2009-4762 was published for moin (pip) May 2, 2022
MoinMoin improper sanitizes user profiles High
CVE-2010-0669 was published for moin (pip) May 2, 2022
MoinMoin has improper default configuration High
CVE-2010-0717 was published for moin (pip) May 2, 2022
Ansible Arbitrary Code Execution High
CVE-2014-3498 was published for ansible (pip) May 14, 2022
Mercurial vulnerable to arbitrary command execution via a crafted repository name in a clone command High
CVE-2014-9462 was published for mercurial (pip) May 14, 2022
Salt vulnerable to Improper Certificate Validation High
CVE-2015-4017 was published for salt (pip) May 14, 2022
Tryton vulnerable to arbitrary command execution High
CVE-2014-6633 was published for tryton (pip) May 14, 2022
SaltStack Salt Insecure Temporary File Creation High
CVE-2014-3563 was published for salt (pip) May 17, 2022
OpenStack Nova Live migration can leak root disk into ephemeral storage High
CVE-2013-7130 was published for nova (pip) May 17, 2022
Django Vulnerable to MySQL Injection High
CVE-2014-0474 was published for django (pip) May 17, 2022
OpenStack Identity (Keystone) DoS through V3 API authentication chaining High
CVE-2014-2828 was published for keystone (pip) May 17, 2022
Dulwich Arbitrary code execution via commit with directory path starting with .git High
CVE-2014-9706 was published for dulwich (pip) May 17, 2022
Plone Code Injection vulnerability High
CVE-2012-5485 was published for Plone (pip) May 17, 2022
Plone Code Injection vulnerability High
CVE-2012-5488 was published for Plone (pip) May 17, 2022
tdunlap607
Pillow command injection High
CVE-2014-3007 was published for pillow (pip) May 17, 2022
Ansible unsafe evaluation of some strings High
CVE-2014-2686 was published for ansible (pip) May 17, 2022
ProTip! Advisories are also available from the GraphQL API