Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

3,326 advisories

Loading
HPACK Denial of Service vulnerability (HPACK Bomb) High
CVE-2016-6581 was published for hpack (pip) Jul 5, 2019
Injection vulnerability that affects ironic-discoverd Critical
CVE-2015-5306 was published for ironic-inspector (pip) Jul 5, 2019
Django Denial-of-service by filling session store High
CVE-2015-5143 was published for Django (pip) Jul 5, 2019
MarkLee131
postfix-mta-sts-resolver Algorithm Downgrade vulnerability High
CVE-2019-16791 was published for postfix-mta-sts-resolver (pip) Jul 5, 2019
Django Incorrect HTTP detection with reverse-proxy connecting via HTTPS Moderate
CVE-2019-12781 was published for Django (pip) Jul 3, 2019
Improper Verification of Cryptographic Signature in django-rest-registration Critical
CVE-2019-13177 was published for django-rest-registration (pip) Jul 2, 2019
peterthomassen
Deserialization vulnerability exists in parso High
CVE-2019-12760 was published for parso (pip) Jun 13, 2019 withdrawn
Django Cross-site Scripting in AdminURLFieldWidget Moderate
CVE-2019-12308 was published for Django (pip) Jun 10, 2019
sunSUNQ
Twisted CRLF Injection Moderate
CVE-2019-12387 was published for twisted (pip) Jun 10, 2019
Code Injection in PyXDG High
CVE-2019-12761 was published for pyxdg (pip) Jun 7, 2019
Improper Authentication in Buildbot Critical
CVE-2019-12300 was published for buildbot (pip) May 29, 2019
Improper Input Validation in Google TensorFlow High
CVE-2018-7577 was published for tensorflow (pip) Apr 30, 2019
Improper Restriction of Operations within the Bounds of a Memory Buffer in Google TensorFlow High
CVE-2018-10055 was published for tensorflow (pip) Apr 30, 2019
Rejected CVE ID High
CVE-2018-7574 was published for tensorflow (pip) Apr 30, 2019 withdrawn
NULL Pointer Dereference in Google TensorFlow High
CVE-2019-9635 was published for tensorflow (pip) Apr 30, 2019
Integer Overflow or Wraparound in Google TensorFlow Critical
CVE-2018-7575 was published for tensorflow (pip) Apr 30, 2019
XSS in jQuery as used in Drupal, Backdrop CMS, and other products Moderate
CVE-2019-11358 was published for django (RubyGems) Apr 26, 2019
klaudialax eoftedal
Rudloff
Improper Restriction of Operations within the Bounds of a Memory Buffer in Google TensorFlow High
CVE-2018-8825 was published for tensorflow (pip) Apr 24, 2019
tdunlap607
Null pointer dereference in TensorFlow leads to exploitation High
CVE-2018-7576 was published for tensorflow (pip) Apr 24, 2019
Improper Input Validation in python-dbusmock High
CVE-2015-1326 was published for python-dbusmock (pip) Apr 23, 2019
Improper Certificate Validation in urllib3 High
CVE-2019-11324 was published for urllib3 (pip) Apr 19, 2019
tdunlap607
Apache Airflow vulnerable to CSRF Attacks High
CVE-2019-0229 was published for apache-airflow (pip) Apr 18, 2019
SQLAlchemy vulnerable to SQL Injection via order_by parameter Critical
CVE-2019-7164 was published for SQLAlchemy (pip) Apr 16, 2019
SQLAlchemy is vulnerable to SQL Injection via group_by parameter Critical
CVE-2019-7548 was published for SQLAlchemy (pip) Apr 16, 2019
Ansible Path Traversal vulnerability Moderate
CVE-2019-3828 was published for ansible (pip) Apr 15, 2019
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database