Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,750
Erlang
35
GitHub Actions
29
Go
2,323
Maven
5,000+
npm
3,956
NuGet
712
pip
3,739
Pub
12
RubyGems
921
Rust
973
Swift
38
Unreviewed advisories
All unreviewed
5,000+

3,739 advisories

Loading
Buffer overflow in deprecated USB HALs and stack overflow in USB enumeration Low
GHSA-f366-4rvv-95x2 was published for cryptoauthlib (pip) Oct 2, 2020
CLI does not correctly implement strict mode Low
GHSA-2xwp-m7mq-7q3r was published for aws-encryption-sdk-cli (pip) Oct 28, 2020
Open Redirect in Flask-Security-Too Low
GHSA-gxjj-f44v-qm94 was published for Flask-Security-Too (pip) Dec 14, 2021 withdrawn
Denial of service (via resource exhaustion) due to improper input validation in third-party identifier endpoint Moderate
GHSA-7h5v-85w9-pq6c was published for matrix-synapse (pip) May 19, 2021
Uncontrolled Resource Consumption in pillow Moderate
GHSA-jgpv-4h4c-xhw3 was published for pillow (pip) Apr 23, 2021
Storage corruption due to variables overwritten by re-entrancy locks High
GHSA-7f92-rr6w-cq64 was published for vyper (pip) Aug 5, 2021
pandadefi charles-cooper
iamdefinitelyahuman
CSRF Vuln can expose user's QRcode Low
GHSA-fxq4-r6mr-9x64 was published for Flask-Security-Too (pip) Apr 8, 2021
Potential API key leak Moderate
GHSA-63rq-p8fp-524q was published for sopel-modules.weather (pip) Apr 13, 2021
VVE-2021-0001: Memory corruption using function calls within arrays Moderate
GHSA-22wc-c9wj-6q2v was published for vyper (pip) Apr 19, 2021
Improper Verification of Cryptographic Signature in aws-encryption-sdk Moderate
GHSA-x5h4-9gqw-942j was published for aws-encryption-sdk (pip) Jun 1, 2021
Unauthorized access through URL manipulation High
GHSA-qrmm-w4v4-q7f8 was published for docassemble (pip) May 6, 2021
jimmio
Improper Verification of Cryptographic Signature in aws-encryption-sdk-cli Moderate
GHSA-89v2-g37m-g3ff was published for aws-encryption-sdk-cli (pip) Jun 1, 2021
Improper Input Validation in OpenCV Moderate
CVE-2016-1517 was published for opencv-contrib-python (pip) Oct 12, 2021
Out-of-bounds Write in OpenCV Moderate
CVE-2017-14136 was published for opencv-contrib-python (pip) Oct 12, 2021
Out-of-bounds Read in OpenCV High
CVE-2017-18009 was published for opencv-contrib-python (pip) Oct 12, 2021
ReDoS in LDAP schema parser Moderate
GHSA-r8wq-qrxc-hmcm was published for python-ldap (pip) Nov 29, 2021
Denial of Service in OpenCV High
CVE-2017-12602 was published for opencv-contrib-python (pip) Oct 12, 2021
Denial of Service in OpenCV High
CVE-2017-12600 was published for opencv-contrib-python (pip) Oct 12, 2021
Python-TUF vulnerable to incorrect threshold signature computation for new root metadata Low
GHSA-r7vq-6425-j94w was published for tuf (pip) Sep 15, 2022
trishankatdatadog
Arbitrary file deletion in NeMo ASR webapp Low
GHSA-rpx7-33j2-xx9x was published for nemo_toolkit (pip) Feb 15, 2022
haby0
Invalid URL generation in bitlyshortener Moderate
GHSA-rcrv-228c-gprj was published for bitlyshortener (pip) Jan 21, 2022
Cross-site Scripting and Open Redirect in Products.CMFPlone Moderate
GHSA-8w54-22w9-3g8f was published for Products.CMFPlone (pip) Jan 28, 2022
Cross-site Scripting and Open Redirect in plone.app.contenttypes Moderate
GHSA-f7qw-5fgj-247x was published for plone.app.contenttypes (pip) Feb 1, 2022
NULL Pointer Dereference and Access of Uninitialized Pointer in TensorFlow Critical
GHSA-h6gw-r52c-724r was published for tensorflow (pip) Feb 9, 2022
Improper Validation of Integrity Check Value in TensorFlow High
GHSA-43q8-3fv7-pr5x was published for tensorflow (pip) Feb 9, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database