Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

263 advisories

Loading
Heap buffer overflow in `UnsortedSegmentSum` in TensorFlow Low
CVE-2019-16778 was published for tensorflow (pip) Dec 16, 2019
Segmentation faultin TensorFlow when converting a Python string to `tf.float16` Low
CVE-2020-5215 was published for tensorflow (pip) Jan 28, 2020
Vyper interfaces returning integer types less than 256 bits can be manipulated if uint256 is used Low
GHSA-mr6r-mvw4-736g was published for vyper (pip) Mar 25, 2020
montyly
Incorrect Provision of Specified Functionality in qutebrowser Low
CVE-2020-11054 was published for qutebrowser (pip) May 8, 2020
The-Compiler
Timing attack on django-basic-auth-ip-whitelist Low
CVE-2020-4071 was published for django-basic-auth-ip-whitelist (pip) Jun 23, 2020
thibaudcolas
Path Traversal in openapi-python-client Low
CVE-2020-15141 was published for openapi-python-client (pip) Aug 20, 2020
pawamoy emann
personnummer/python vulnerable to Improper Input Validation Low
GHSA-rxq3-5249-8hgg was published for personnummer (pip) Sep 9, 2020
Buffer overflow in deprecated USB HALs and stack overflow in USB enumeration Low
GHSA-f366-4rvv-95x2 was published for cryptoauthlib (pip) Oct 2, 2020
Directory Traversal vulnerability in GET/PUT allows attackers to Disclose Information or Write Files via a crafted GET/PUT request Low
CVE-2020-15239 was published for xmpp-http-upload (pip) Oct 6, 2020
ChristianTacke
CLI does not correctly implement strict mode Low
GHSA-2xwp-m7mq-7q3r was published for aws-encryption-sdk-cli (pip) Oct 28, 2020
Open redirect in Jupyter Notebook Low
CVE-2020-26215 was published for notebook (pip) Nov 18, 2020
datasette-graphql leaks details of the schema of private database files Low
GHSA-74hv-qjjq-h7g5 was published for datasette-graphql (pip) Nov 24, 2020
UNEDITABLE_SCHEMAS and UNEDITABLE_TABLE_DESCRIPTION_MATCH_RULES not respected by frontend service backend Low
GHSA-47qg-q58v-7vrp was published for amundsen-frontend (pip) Dec 2, 2020
dorianj
Lack of validation in data format attributes in TensorFlow Low
CVE-2020-26267 was published for tensorflow (pip) Dec 10, 2020
Apache Airflow logs passwords in plaintext Low
CVE-2020-17511 was published for apache-airflow (pip) Dec 17, 2020
RSA weakness in tslite-ng Low
CVE-2020-26263 was published for tlslite-ng (pip) Dec 21, 2020
tomato42
Key Caching behavior in the DynamoDB Encryption Client. Low
GHSA-4ph2-8337-hm62 was published for dynamodb-encryption-sdk (pip) Feb 8, 2021
Timing attack Low
GHSA-xm8r-5wh6-f46f was published for autobahn (pip) Feb 24, 2021 withdrawn
`aiohttp` Open Redirect vulnerability (`normalize_path_middleware` middleware) Low
CVE-2021-21330 was published for aiohttp (pip) Feb 26, 2021
jelmer g147
Potential sensitive information disclosed in error reports Low
CVE-2021-21416 was published for django-registration (pip) Apr 6, 2021
martinmo tdunlap607
Exposure of Sensitive Information to an Unauthorized Actor in Ansible Low
CVE-2020-1739 was published for ansible (pip) Apr 7, 2021
CSRF Vuln can expose user's QRcode Low
GHSA-fxq4-r6mr-9x64 was published for Flask-Security-Too (pip) Apr 8, 2021
VVE-2021-0002: Incorrect `returndatasize` when using simple forwarder proxies deployed prior to EIP-1167 adoption Low
GHSA-375m-5fvv-xq23 was published for vyper (pip) Apr 19, 2021
Open Redirect in Flask-Security-Too Low
CVE-2021-32618 was published for Flask-Security-Too (pip) May 17, 2021
tdunlap607
Heap buffer overflow in `RaggedBinCount` Low
CVE-2021-29512 was published for tensorflow (pip) May 21, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database