GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,090
Erlang
29
GitHub Actions
19
Go
1,915
Maven
5,000+
npm
3,646
NuGet
638
pip
3,262
Pub
10
RubyGems
870
Rust
821
Swift
35
Unreviewed advisories
All unreviewed
5,000+
398 advisories
Filter by severity
OpenStack os-vif Ageing time of 0 disables linuxbridge MAC learning
Critical
CVE-2019-15753
was published
for
os-vif
(pip)
May 24, 2022
SaltStack Salt SQL Injection vulnerability in mysql.user_chpass function
Critical
CVE-2019-1010259
was published
for
salt
(pip)
May 24, 2022
LinOTP replay vulnerability with auto resynchronization enabled for TOTP token
Critical
CVE-2019-12887
was published
for
LinOTP
(pip)
May 24, 2022
Openstack Magnum Unsafe Credential Handling
Critical
CVE-2016-7404
was published
for
openstack-magnum
(pip)
May 24, 2022
Ansible Arbitrary Code Execution
Critical
CVE-2014-4966
was published
for
ansible
(pip)
May 17, 2022
Ansible Arbitrary Code Execution
Critical
CVE-2014-4967
was published
for
ansible
(pip)
May 17, 2022
JGit Improper Input Validation vulnerability
Critical
CVE-2014-9390
was published
for
mercurial
(Maven)
May 17, 2022
graphite-web is vulnerable to Remote Code Execution
Critical
CVE-2013-5942
was published
for
graphite-web
(pip)
May 17, 2022
graphite-web is vulnerable to Remote Code Execution via renderLocalView function
Critical
CVE-2013-5093
was published
for
graphite-web
(pip)
May 17, 2022
Dulwich Buffer Overflow when handling pack files
Critical
CVE-2015-0838
was published
for
dulwich
(pip)
May 17, 2022
Dulwich Arbitrary code execution via commit with directory path starting with .git
Critical
CVE-2014-9706
was published
for
dulwich
(pip)
May 17, 2022
Radicale is vulnerable to directory traversal on Windows Filesystem Storage Backend component
Critical
CVE-2016-1505
was published
for
Radicale
(pip)
May 17, 2022
Radicale vulnerable to arbitrary file read or write
Critical
CVE-2015-8747
was published
for
Radicale
(pip)
May 17, 2022
Improper Input Validation in Jupyter Notebook
Critical
CVE-2015-7337
was published
for
ipython
(pip)
May 17, 2022
python-jose failure to use a constant time comparison for HMAC keys
Critical
CVE-2016-7036
was published
for
python-jose
(pip)
May 17, 2022
Salt allows deleted minions to read or write to minions with the same id
Critical
CVE-2016-9639
was published
for
salt
(pip)
May 17, 2022
PySAML2 XML external entity attack
Critical
CVE-2016-10127
was published
for
pysaml2
(pip)
May 17, 2022
salt password information leaked in debug logs
Critical
CVE-2015-6941
was published
for
salt
(pip)
May 17, 2022
OpenStack Object Storage (swift) Code Injection vulnerability
Critical
CVE-2012-4406
was published
for
swift
(pip)
May 17, 2022
ProTip!
Advisories are also available from the
GraphQL API