GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+
240,683 advisories
Filter by severity
pyftpdlib Use of Insufficiently Random Values of port selection on PASV command
Moderate
CVE-2007-6738
was published
for
pyftpdlib
(pip)
May 1, 2022
Trac Cross-site Scripting (XSS) vulnerability
Moderate
CVE-2007-1405
was published
for
trac
(pip)
May 1, 2022
Trac missing Content-Disposition HTTP header
High
CVE-2007-1406
was published
for
trac
(pip)
May 1, 2022
Edgewall Trac Cross-site request forgery (CSRF) vulnerability
High
CVE-2006-5878
was published
for
trac
(pip)
May 1, 2022
Trac reStructuredText breach of privacy and denial of service vulnerability
Moderate
CVE-2006-3695
was published
for
trac
(pip)
May 1, 2022
CherryPy Directory traversal vulnerability
Moderate
CVE-2006-0847
was published
for
cherrypy
(pip)
May 1, 2022
Trac HTML WikiProcessor cross-site scripting (XSS) vulnerability
Moderate
CVE-2005-4644
was published
for
trac
(pip)
May 1, 2022
Ops CLI Deserialization of Untrusted Data vulnerability
Critical
CVE-2021-40720
was published
for
ops-cli
(pip)
May 24, 2022
Mezzanine Cross Site Scripting (XSS) vulnerability
Moderate
CVE-2020-19002
was published
for
Mezzanine
(pip)
May 24, 2022
Borg Improper Access Control vulnerability
High
CVE-2017-15914
was published
for
borgbackup
(pip)
May 13, 2022
Missing Authorization vulnerability in WPOmnia KB Support.This issue affects KB Support: from n/a...
Moderate
Unreviewed
CVE-2024-33589
was published
Apr 29, 2024
Critical unrestricted file upload vulnerability in HubBank affecting version 1.0.2. This...
Critical
Unreviewed
CVE-2024-4306
was published
Apr 29, 2024
Server-Side Request Forgery (SSRF) vulnerability in codeSavory Knowledge Base documentation &...
Moderate
Unreviewed
CVE-2024-33590
was published
Apr 29, 2024
Missing Authorization vulnerability in Jewel Theme Master Addons for Elementor.This issue affects...
Moderate
Unreviewed
CVE-2024-33595
was published
Apr 29, 2024
Missing Authorization vulnerability in Tips and Tricks HQ Easy Accept Payments.This issue affects...
High
Unreviewed
CVE-2024-33591
was published
Apr 29, 2024
Missing Authorization vulnerability in Leaky Paywall.This issue affects Leaky Paywall: from n/a...
High
Unreviewed
CVE-2024-33594
was published
Apr 29, 2024
Missing Authorization vulnerability in RedNao Smart Forms.This issue affects Smart Forms: from n...
Moderate
Unreviewed
CVE-2024-33593
was published
Apr 29, 2024
A Cross-Site Scripting XSS vulnerability has been detected on GT3 Soluciones SWAL. This...
Moderate
Unreviewed
CVE-2024-4304
was published
Apr 29, 2024
A vulnerability was found in Juanpao JPShop up to 1.5.02. It has been declared as problematic....
Low
Unreviewed
CVE-2024-1258
was published
Feb 6, 2024
A vulnerability, which was classified as critical, has been found in osuuu LightPicture up to 1.2...
Moderate
Unreviewed
CVE-2024-1920
was published
Feb 27, 2024
Lin-CMS-Flask Cross Site Scripting (XSS) vulnerability
Moderate
CVE-2020-18699
was published
for
lin-cms
(pip)
May 24, 2022
trytond arbitrary fields write via a sequence of records
Moderate
CVE-2015-0861
was published
for
trytond
(pip)
May 14, 2022
MoinMoin Cross-site Scripting (XSS) vulnerability
Moderate
CVE-2009-1482
was published
for
moin
(pip)
May 2, 2022
Trac Cross-site Scripting (XSS) vulnerability
Moderate
CVE-2008-3328
was published
for
trac
(pip)
May 1, 2022
Zope Object Database (ZODB) vulnerable to arbitrary Python code execution in ZEO storage servers
Moderate
CVE-2009-0668
was published
for
ZODB3
(pip)
May 2, 2022
ProTip!
Advisories are also available from the
GraphQL API