Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,300
Erlang
31
GitHub Actions
21
Go
2,069
Maven
5,000+
npm
3,744
NuGet
668
pip
3,429
Pub
12
RubyGems
892
Rust
880
Swift
36
Unreviewed advisories
All unreviewed
5,000+

1,410 advisories

Loading
Django open redirect and possible XSS attack via user-supplied numeric redirect URLs Moderate
CVE-2017-7233 was published for Django (pip) Jan 4, 2019
sunSUNQ
Django open redirect Moderate
CVE-2017-7234 was published for django (pip) Jan 4, 2019
MarkLee131
Django denial-of-service possibility in urlize and urlizetrunc template filters Moderate
CVE-2018-7536 was published for Django (pip) Jan 4, 2019
tdunlap607
mistune Cross-site scripting (XSS) vulnerability Moderate
CVE-2017-16876 was published for mistune (pip) Jan 4, 2019
Plone Open Redirect Moderate
CVE-2017-1000484 was published for Plone (pip) Jan 4, 2019
Moderate severity vulnerability that affects moin Moderate
CVE-2017-5934 was published for moin (pip) Jan 4, 2019
Flask-Admin Cross-site Scripting vulnerability Moderate
CVE-2018-16516 was published for flask-admin (pip) Dec 19, 2018
born2discover
Jupyter Notebook XSS via directory name Moderate
CVE-2018-19352 was published for notebook (pip) Nov 21, 2018
Jupyter Notebook XSS via untrusted notebooks Moderate
CVE-2018-19351 was published for notebook (pip) Nov 21, 2018
Improper Input Validation in ansible Moderate
CVE-2016-8647 was published for ansible (pip) Oct 10, 2018
In marshmallow library the schema "only" option treats an empty list as implying no "only" option Moderate
CVE-2018-17175 was published for marshmallow (pip) Oct 10, 2018
Django open redirect Moderate
CVE-2018-14574 was published for Django (pip) Oct 4, 2018
MarkLee131
Django allows unprivileged users to read the password hashes of arbitrary accounts Moderate
CVE-2018-16984 was published for django (pip) Oct 3, 2018
sunSUNQ
Qutebrowser XSS Vulnerability Moderate
CVE-2018-1000559 was published for qutebrowser (pip) Sep 13, 2018
Moderate severity vulnerability that affects mailman Moderate
CVE-2018-13796 was published for mailman (pip) Sep 11, 2018
Moderate severity vulnerability that affects mayan-edms Moderate
CVE-2018-16407 was published for mayan-edms (pip) Sep 6, 2018
Moderate severity vulnerability that affects mayan-edms Moderate
CVE-2018-16406 was published for mayan-edms (pip) Sep 6, 2018
mayan-edms Cross-site Scripting vulnerability Moderate
CVE-2018-16405 was published for mayan-edms (pip) Sep 6, 2018
Pillow Integer overflow in Map.c Moderate
CVE-2016-9189 was published for pillow (pip) Jul 24, 2018
Pillow Buffer overflow in ImagingLibTiffDecode Moderate
CVE-2016-0740 was published for pillow (pip) Jul 24, 2018
Plone Cross-site Scripting vulnerability Moderate
CVE-2011-1949 was published for Plone (pip) Jul 23, 2018
Cross-site scripting in django Moderate
CVE-2011-0697 was published for Django (pip) Jul 23, 2018
sunSUNQ
Cross-site scripting in django Moderate
CVE-2010-3082 was published for Django (pip) Jul 23, 2018
tdunlap607
Session manipulation in Django Moderate
CVE-2011-4136 was published for Django (pip) Jul 23, 2018
MarkLee131
feedparser Cross-site Scripting vulnerability Moderate
CVE-2011-1157 was published for feedparser (pip) Jul 23, 2018
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database