Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,750
Erlang
35
GitHub Actions
29
Go
2,323
Maven
5,000+
npm
3,956
NuGet
712
pip
3,739
Pub
12
RubyGems
921
Rust
973
Swift
38
Unreviewed advisories
All unreviewed
5,000+

1,516 advisories

Loading
Exposure of Sensitive Information to an Unauthorized Actor in Apache Spark Moderate
CVE-2018-1334 was published for org.apache.spark:spark-core_2.10 (Maven) Mar 14, 2019
Apache Airflow vulnerable to Stored XSS Moderate
CVE-2018-20244 was published for apache-airflow (pip) Mar 6, 2019
sunSUNQ
Moderate severity vulnerability that affects aioxmpp Moderate
GHSA-32f7-cmr3-vpjv was published for aioxmpp (pip) Feb 7, 2019 withdrawn
Pyspark User Impersonation Vulnerability Moderate
CVE-2018-11760 was published for pyspark (pip) Feb 7, 2019
westonsteimel
CRLF Injection in pypiserver Moderate
CVE-2019-6802 was published for pypiserver (pip) Jan 30, 2019
tdunlap607
Django vulnerable to XSS on 500 pages Moderate
CVE-2017-12794 was published for Django (pip) Jan 4, 2019
MarkLee131
Django open redirect and possible XSS attack via user-supplied numeric redirect URLs Moderate
CVE-2017-7233 was published for Django (pip) Jan 4, 2019
sunSUNQ
Django open redirect Moderate
CVE-2017-7234 was published for django (pip) Jan 4, 2019
MarkLee131
Django denial-of-service possibility in urlize and urlizetrunc template filters Moderate
CVE-2018-7536 was published for Django (pip) Jan 4, 2019
tdunlap607
mistune Cross-site scripting (XSS) vulnerability Moderate
CVE-2017-16876 was published for mistune (pip) Jan 4, 2019
Plone Open Redirect Moderate
CVE-2017-1000484 was published for Plone (pip) Jan 4, 2019
Moderate severity vulnerability that affects moin Moderate
CVE-2017-5934 was published for moin (pip) Jan 4, 2019
Flask-Admin Cross-site Scripting vulnerability Moderate
CVE-2018-16516 was published for flask-admin (pip) Dec 19, 2018
born2discover
Jupyter Notebook XSS via directory name Moderate
CVE-2018-19352 was published for notebook (pip) Nov 21, 2018
Jupyter Notebook XSS via untrusted notebooks Moderate
CVE-2018-19351 was published for notebook (pip) Nov 21, 2018
Improper Input Validation in ansible Moderate
CVE-2016-8647 was published for ansible (pip) Oct 10, 2018
In marshmallow library the schema "only" option treats an empty list as implying no "only" option Moderate
CVE-2018-17175 was published for marshmallow (pip) Oct 10, 2018
Django open redirect Moderate
CVE-2018-14574 was published for Django (pip) Oct 4, 2018
MarkLee131
Django allows unprivileged users to read the password hashes of arbitrary accounts Moderate
CVE-2018-16984 was published for django (pip) Oct 3, 2018
sunSUNQ
Qutebrowser XSS Vulnerability Moderate
CVE-2018-1000559 was published for qutebrowser (pip) Sep 13, 2018
Moderate severity vulnerability that affects mailman Moderate
CVE-2018-13796 was published for mailman (pip) Sep 11, 2018
Moderate severity vulnerability that affects mayan-edms Moderate
CVE-2018-16407 was published for mayan-edms (pip) Sep 6, 2018
Moderate severity vulnerability that affects mayan-edms Moderate
CVE-2018-16406 was published for mayan-edms (pip) Sep 6, 2018
mayan-edms Cross-site Scripting vulnerability Moderate
CVE-2018-16405 was published for mayan-edms (pip) Sep 6, 2018
Pillow Integer overflow in Map.c Moderate
CVE-2016-9189 was published for pillow (pip) Jul 24, 2018
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database