Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
22
Go
2,095
Maven
5,000+
npm
3,762
NuGet
678
pip
3,447
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+

1,328 advisories

Loading
ecdsa Denial of Service vulnerability in signature verification and signature malleability High
CVE-2019-14853 was published for ecdsa (pip) Oct 8, 2019
Cross-Site Request Forgery in MicroPyramid Django CRM High
CVE-2019-11457 was published for django-crm (pip) Sep 11, 2019
Open Redirect in httpie High
CVE-2019-10751 was published for httpie (pip) Aug 27, 2019
NLTK Vulnerable To Path Traversal High
CVE-2019-14751 was published for nltk (pip) Aug 23, 2019
Pallets Werkzeug Insufficient Entropy High
CVE-2019-14806 was published for werkzeug (pip) Aug 21, 2019
Sensitive data written to disk unencrypted in Spark High
CVE-2019-10099 was published for org.apache.spark:spark-core_2.11 (Maven) Aug 8, 2019
Django Denial-of-service in strip_tags() High
CVE-2019-14233 was published for Django (pip) Aug 6, 2019
Uncontrolled Recursion in Django High
CVE-2019-14235 was published for Django (pip) Aug 6, 2019
Django Denial-of-service in django.utils.text.Truncator High
CVE-2019-14232 was published for Django (pip) Aug 6, 2019
python-engineio vulnerable to Cross-Site Request Forgery (CSRF) High
CVE-2019-13611 was published for python-engineio (pip) Jul 30, 2019
Aubio is vulnerable to a NULL pointer dereference in new_aubio_notes function High
CVE-2018-19802 was published for aubio (pip) Jul 26, 2019
tdunlap607
Aubio is vulnerable to a NULL pointer dereference in new_aubio_filterbank High
CVE-2018-19801 was published for aubio (pip) Jul 26, 2019
Infinite Loop in scapy High
CVE-2019-1010142 was published for scapy (pip) Jul 22, 2019
Pallets Project Flask is vulnerable to Denial of Service via Unexpected memory usage High
CVE-2019-1010083 was published for flask (pip) Jul 19, 2019
Ghcml
XML Injection in python-libnmap High
CVE-2019-1010017 was published for python-libnmap (pip) Jul 18, 2019
Python-saml allows manipulation of SAML data without invalidation of cryptographic signature High
CVE-2017-11427 was published for python-saml (pip) Jul 5, 2019
HPACK Denial of Service vulnerability (HPACK Bomb) High
CVE-2016-6581 was published for hpack (pip) Jul 5, 2019
Django Denial-of-service by filling session store High
CVE-2015-5143 was published for Django (pip) Jul 5, 2019
MarkLee131
postfix-mta-sts-resolver Algorithm Downgrade vulnerability High
CVE-2019-16791 was published for postfix-mta-sts-resolver (pip) Jul 5, 2019
Deserialization vulnerability exists in parso High
CVE-2019-12760 was published for parso (pip) Jun 13, 2019 withdrawn
Code Injection in PyXDG High
CVE-2019-12761 was published for pyxdg (pip) Jun 7, 2019
Improper Input Validation in Google TensorFlow High
CVE-2018-7577 was published for tensorflow (pip) Apr 30, 2019
Improper Restriction of Operations within the Bounds of a Memory Buffer in Google TensorFlow High
CVE-2018-10055 was published for tensorflow (pip) Apr 30, 2019
Rejected CVE ID High
CVE-2018-7574 was published for tensorflow (pip) Apr 30, 2019 withdrawn
NULL Pointer Dereference in Google TensorFlow High
CVE-2019-9635 was published for tensorflow (pip) Apr 30, 2019
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database