Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,752
Maven
4,982
npm
3,516
NuGet
609
pip
3,090
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

1,444 advisories

Loading
Jupyter Notebook XSS via directory name Moderate
CVE-2018-19352 was published for notebook (pip) Nov 21, 2018
Session Fixation in Tryton Moderate
CVE-2018-19443 was published for tryton (pip) Nov 29, 2018
Cross site scripting in flask-admin Moderate
CVE-2018-16516 was published for flask-admin (pip) Dec 19, 2018
born2discover
aiohttp-session creates non-expiring sessions Moderate
CVE-2018-1000814 was published for aiohttp-session (pip) Dec 20, 2018
PyKMIP Denial of service vulnerability Moderate
CVE-2018-1000872 was published for pykmip (pip) Dec 21, 2018
tdunlap607
Moderate severity vulnerability that affects moin Moderate
CVE-2017-5934 was published for moin (pip) Jan 4, 2019
Plone Open Redirect Moderate
CVE-2017-1000484 was published for plone (pip) Jan 4, 2019
mistune Cross-site scripting (XSS) vulnerability Moderate
CVE-2017-16876 was published for mistune (pip) Jan 4, 2019
Django Denial-of-service possibility in truncatechars_html and truncatewords_html template filters Moderate
CVE-2018-7537 was published for django (pip) Jan 4, 2019
sunSUNQ
Django Denial-of-service possibility in urlize and urlizetrunc template filters Moderate
CVE-2018-7536 was published for django (pip) Jan 4, 2019
tdunlap607
Django open redirect Moderate
CVE-2017-7234 was published for django (pip) Jan 4, 2019
MarkLee131
Django Open redirect and possible XSS attack via user-supplied numeric redirect URLs Moderate
CVE-2017-7233 was published for django (pip) Jan 4, 2019
sunSUNQ
Django vulnerable to XSS on 500 pages Moderate
CVE-2017-12794 was published for django (pip) Jan 4, 2019
MarkLee131
Improper Input Validation in Django Moderate
CVE-2019-3498 was published for django (pip) Jan 14, 2019
CRLF Injection in pypiserver Moderate
CVE-2019-6802 was published for pypiserver (pip) Jan 30, 2019
tdunlap607
Pyspark User Impersonation Vulnerability Moderate
CVE-2018-11760 was published for pyspark (pip) Feb 7, 2019
westonsteimel
Moderate severity vulnerability that affects aioxmpp Moderate
GHSA-32f7-cmr3-vpjv was published for aioxmpp (pip) Feb 7, 2019 withdrawn
Apache Airflow vulnerable to Stored XSS Moderate
CVE-2018-20244 was published for apache-airflow (pip) Mar 6, 2019
sunSUNQ
Open Redirect vulnerability in jupyterhub and notebook Moderate
CVE-2019-10255 was published for jupyterhub (pip) Apr 2, 2019
Moderate severity vulnerability that affects roundup Moderate
CVE-2019-10904 was published for roundup (pip) Apr 9, 2019
Jupyter Notebook open redirect vulnerability Moderate
CVE-2019-10856 was published for notebook (pip) Apr 9, 2019
Tryton Improper Access Control Moderate
CVE-2019-10868 was published for trytond (pip) Apr 10, 2019
Apache Airflow vulnerable to Stored XSS Moderate
CVE-2019-0216 was published for apache-airflow (pip) Apr 12, 2019
sunSUNQ
Ansible Path Traversal vulnerability Moderate
CVE-2019-3828 was published for ansible (pip) Apr 15, 2019
Null pointer dereference in TensorFlow leads to exploitation Moderate
CVE-2018-7576 was published for tensorflow (pip) Apr 24, 2019
ProTip! Advisories are also available from the GraphQL API