GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

1,444 advisories

Moderate severity vulnerability that affects feedparser Moderate
CVE-2011-1156 was published for feedparser (pip) Jul 23, 2018
Moderate severity vulnerability that affects Plone and Zope2 Moderate
CVE-2012-5489 was published for Plone (pip) Jul 23, 2018
Moderate severity vulnerability that affects invenio-app Moderate
CVE-2019-1020006 was published for invenio-app (pip) Jul 16, 2019
Moderate severity vulnerability that affects feedparser Moderate
CVE-2011-1157 was published for feedparser (pip) Jul 23, 2018
Moderate severity vulnerability that affects Plone and Zope2 Moderate
CVE-2012-5507 was published for Plone (pip) Jul 23, 2018
Moderate severity vulnerability that affects django Moderate
CVE-2011-4140 was published for django (pip) Jul 23, 2018
Moderate severity vulnerability that affects feedparser Moderate
CVE-2012-2921 was published for feedparser (pip) Jul 24, 2018
Moderate severity vulnerability that affects roundup Moderate
CVE-2019-10904 was published for roundup (pip) Apr 9, 2019
Cross site scripting in flask-admin Moderate
CVE-2018-16516 was published for flask-admin (pip) Dec 19, 2018
born2discover
Moderate severity vulnerability that affects mayan-edms Moderate
CVE-2018-16405 was published for mayan-edms (pip) Sep 6, 2018
Moderate severity vulnerability that affects mailman Moderate
CVE-2018-13796 was published for mailman (pip) Sep 11, 2018
Moderate severity vulnerability that affects Plone Moderate
CVE-2012-5503 was published for Plone (pip) Jul 23, 2018
Cross-site Scripting in invenio-previewer Moderate
CVE-2019-1020019 was published for invenio-previewer (pip) Jul 16, 2019
markdown2 is vulnerable to cross-site scripting Moderate
CVE-2018-5773 was published for markdown2 (pip) Jul 12, 2018
woodruffw
JSNAPy allows unprivileged local users to alter files under the directory Moderate
CVE-2018-0023 was published for jsnapy (pip) Jul 12, 2018
Moderate severity vulnerability that affects Products.PlonePAS Moderate
CVE-2009-0662 was published for Products.PlonePAS (pip) Jul 23, 2018
Session Fixation in Tryton Moderate
CVE-2018-19443 was published for tryton (pip) Nov 29, 2018
Multiple stored XSS in RBAC Admin screens in Apache Airflow Moderate
CVE-2020-11983 was published for apache-airflow (pip) Jul 27, 2020
CSRF tokens leaked in URL by canned query form Moderate
GHSA-q6j3-c4wc-63vw was published for datasette (pip) Aug 11, 2020
Moderate severity vulnerability that affects Zope2 Moderate
CVE-2010-1104 was published for Zope2 (pip) Jul 23, 2018
Stored XSS in Apache Airflow Moderate
CVE-2020-9485 was published for apache-airflow (pip) Jul 27, 2020
Moderate severity vulnerability that affects aioxmpp Moderate
GHSA-32f7-cmr3-vpjv was published for aioxmpp (pip) Feb 7, 2019 withdrawn
Directory traversal outside of SENDFILE_ROOT in django-sendfile2 Moderate
GHSA-6r3c-8xf3-ggrr was published for django-sendfile2 (pip) Jun 24, 2020
gipi moggers87
Cross-Site Scripting in Wagtail Moderate
CVE-2020-15118 was published for wagtail (pip) Jul 20, 2020
acarasimon96
Client Denial of Service on TUF Moderate
CVE-2020-6173 was published for tuf (pip) Aug 21, 2020