Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+

97,391 advisories

Loading
A logic error in SiLabs Z/IP Gateway SDK 7.18.02 and earlier allows authentication to be bypassed... High Unreviewed
CVE-2023-0971 was published Jun 21, 2023
koji hub allows arbitrary upload destinations High
CVE-2019-17109 was published for koji (pip) May 24, 2022
Incorrect Default Permissions in keyring High
CVE-2012-5577 was published for keyring (pip) Mar 11, 2020
Insufficient Session Expiration in OpenStack Keystone High
CVE-2020-12690 was published for keystone (pip) Jun 9, 2021
langchain SQL Injection vulnerability High
CVE-2023-36189 was published for langchain (pip) Jul 6, 2023
OpenStack keystonemiddleware does not verify certificate High
CVE-2014-7144 was published for keystonemiddleware (pip) May 17, 2022
OpenStack Keystone Insufficient token expiration High
CVE-2012-5563 was published for keystone (pip) May 17, 2022
OpenStack keystonemiddleware and python-keystoneclient vulnerable to man-in-the-middle attacks High
CVE-2015-1852 was published for keystonemiddleware (pip) May 17, 2022
OpenStack Keystone V3 /credentials endpoint policy logic allows to change credentials owner or target project ID High
CVE-2020-12691 was published for keystone (pip) May 24, 2022
Python Keyring does not securely initialize encryption cipher High
CVE-2012-4571 was published for keyring (pip) May 17, 2022
Execution with Unnecessary Privileges in ipython High
CVE-2022-21699 was published for ipython (pip) Jan 21, 2022
mlucool quarl
Hashicorp Vault Incorrect Permission Assignment for Critical Resource vulnerability High
CVE-2023-5077 was published for github.com/hashicorp/vault (Go) Sep 29, 2023
Openstack ironic-inspector has SQL injection vulnerability in node_cache High
CVE-2019-10141 was published for ironic-inspector (pip) May 24, 2022
json2xml Uncaught Exception vulnerability High
CVE-2022-25024 was published for json2xml (pip) Aug 23, 2023
Kallithea cross-site request forgery (CSRF) vulnerability High
CVE-2015-0276 was published for Kallithea (pip) May 13, 2022
Kallithea CRLF injection vulnerability High
CVE-2015-5285 was published for kallithea (pip) May 13, 2022
IPython vulnerable to cross site request forgery (CSRF) High
CVE-2015-5607 was published for ipython (pip) May 17, 2022
user-readable api tokens in systemd units for JupyterHub High
CVE-2020-26261 was published for jupyterhub-systemdspawner (pip) Dec 9, 2020
quentinmit
Insufficient data validation in PDF in Google Chrome prior to 73.0.3683.75 allowed a remote... High Unreviewed
CVE-2018-20072 was published Sep 24, 2024
IBM Aspera Connect 4.2.5 and IBM Aspera Cargo 4.2.5 transmits authentication credentials, but it... High Unreviewed
CVE-2023-22862 was published Jun 5, 2023
The Event Manager, Events Calendar, Tickets, Registrations – Eventin plugin for WordPress is... High Unreviewed
CVE-2024-7149 was published Sep 27, 2024
IBM Spectrum Protect Backup-Archive Client 8.1.0.0 through 8.1.17.2 may allow a local user to... High Unreviewed
CVE-2023-28956 was published Jun 22, 2023
Apache Log4j 1.x (EOL) allows Denial of Service (DoS) High
CVE-2023-26464 was published for org.apache.logging.log4j:log4j-core (Maven) Mar 10, 2023
jw123023
Keycloak Session Fixation vulnerability High
CVE-2024-7341 was published for org.keycloak:keycloak-services (Maven) Sep 9, 2024
stianst
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... High Unreviewed
CVE-2024-8608 was published Sep 27, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database