Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

240,683 advisories

Loading
pyftpdlib Use of Insufficiently Random Values of port selection on PASV command Moderate
CVE-2007-6738 was published for pyftpdlib (pip) May 1, 2022
Trac Cross-site Scripting (XSS) vulnerability Moderate
CVE-2007-1405 was published for trac (pip) May 1, 2022
Trac missing Content-Disposition HTTP header High
CVE-2007-1406 was published for trac (pip) May 1, 2022
Edgewall Trac Cross-site request forgery (CSRF) vulnerability High
CVE-2006-5878 was published for trac (pip) May 1, 2022
Trac reStructuredText breach of privacy and denial of service vulnerability Moderate
CVE-2006-3695 was published for trac (pip) May 1, 2022
CherryPy Directory traversal vulnerability Moderate
CVE-2006-0847 was published for cherrypy (pip) May 1, 2022
Trac HTML WikiProcessor cross-site scripting (XSS) vulnerability Moderate
CVE-2005-4644 was published for trac (pip) May 1, 2022
Ops CLI Deserialization of Untrusted Data vulnerability Critical
CVE-2021-40720 was published for ops-cli (pip) May 24, 2022
Mezzanine Cross Site Scripting (XSS) vulnerability Moderate
CVE-2020-19002 was published for Mezzanine (pip) May 24, 2022
Borg Improper Access Control vulnerability High
CVE-2017-15914 was published for borgbackup (pip) May 13, 2022
Missing Authorization vulnerability in WPOmnia KB Support.This issue affects KB Support: from n/a... Moderate Unreviewed
CVE-2024-33589 was published Apr 29, 2024
Critical unrestricted file upload vulnerability in HubBank affecting version 1.0.2. This... Critical Unreviewed
CVE-2024-4306 was published Apr 29, 2024
Server-Side Request Forgery (SSRF) vulnerability in codeSavory Knowledge Base documentation &... Moderate Unreviewed
CVE-2024-33590 was published Apr 29, 2024
Missing Authorization vulnerability in Jewel Theme Master Addons for Elementor.This issue affects... Moderate Unreviewed
CVE-2024-33595 was published Apr 29, 2024
Missing Authorization vulnerability in Tips and Tricks HQ Easy Accept Payments.This issue affects... High Unreviewed
CVE-2024-33591 was published Apr 29, 2024
Missing Authorization vulnerability in Leaky Paywall.This issue affects Leaky Paywall: from n/a... High Unreviewed
CVE-2024-33594 was published Apr 29, 2024
Missing Authorization vulnerability in RedNao Smart Forms.This issue affects Smart Forms: from n... Moderate Unreviewed
CVE-2024-33593 was published Apr 29, 2024
A Cross-Site Scripting XSS vulnerability has been detected on GT3 Soluciones SWAL. This... Moderate Unreviewed
CVE-2024-4304 was published Apr 29, 2024
A vulnerability was found in Juanpao JPShop up to 1.5.02. It has been declared as problematic.... Low Unreviewed
CVE-2024-1258 was published Feb 6, 2024
A vulnerability, which was classified as critical, has been found in osuuu LightPicture up to 1.2... Moderate Unreviewed
CVE-2024-1920 was published Feb 27, 2024
Lin-CMS-Flask Cross Site Scripting (XSS) vulnerability Moderate
CVE-2020-18699 was published for lin-cms (pip) May 24, 2022
trytond arbitrary fields write via a sequence of records Moderate
CVE-2015-0861 was published for trytond (pip) May 14, 2022
MoinMoin Cross-site Scripting (XSS) vulnerability Moderate
CVE-2009-1482 was published for moin (pip) May 2, 2022
Trac Cross-site Scripting (XSS) vulnerability Moderate
CVE-2008-3328 was published for trac (pip) May 1, 2022
Zope Object Database (ZODB) vulnerable to arbitrary Python code execution in ZEO storage servers Moderate
CVE-2009-0668 was published for ZODB3 (pip) May 2, 2022
ProTip! Advisories are also available from the GraphQL API