GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,968
Erlang: 29
GitHub Actions: 16
Go: 1,752
Maven: 4,982
npm: 3,516
NuGet: 609
pip: 3,090
Pub: 10
RubyGems: 832
Rust: 782
Swift: 34
Unreviewed advisories
All unreviewed: 5,000+
1,444 advisories
Policies not properly enforced in bluemonday
Moderate. CVE-2021-42576 was published for github.com/microcosm-cc/bluemonday (Go) on Oct 19, 2021.
Scrapy leaks the authorization header on same-domain but cross-origin redirects
Moderate. CVE-2024-1968 was published for Scrapy (pip) on May 14, 2024.
aiosmtpd STARTTLS unencrypted commands injection
Moderate. CVE-2024-34083 was published for aiosmtpd (pip) on May 20, 2024.
Denial-of-service possibility in logout() view by filling session store
Moderate. CVE-2015-5964 was published for Django (pip) on May 17, 2022.
Cross-site request forgery in Django
Moderate. CVE-2011-0696 was published for django (pip) on Jul 23, 2018.
Django Denial of Service Vulnerability in the authentication framework
Moderate. CVE-2013-1443 was published for django (pip) on May 17, 2022.
MLflow allows low privilege users to delete any artifact
Moderate. CVE-2024-4263 was published for mlflow (pip) on May 16, 2024.
Django database denial-of-service with ModelMultipleChoiceField
Moderate. CVE-2015-0222 was published for Django (pip) on May 17, 2022.
OpenStack Glance Bypass the storage quota and Denial of service
Moderate. CVE-2014-9623 was published for glance (pip) on May 17, 2022.
OpenStack Glance Denial of service by creating a large number of images
Moderate. CVE-2014-9684 was published for glance (pip) on May 17, 2022.
OpenStack Glance Denial of service by creating a large number of images
Moderate. CVE-2015-1881 was published for glance (pip) on May 17, 2022.
OpenStack Glance improper validation of the image_size_cap configuration option
Moderate. CVE-2014-5356 was published for glance (pip) on May 17, 2022.
OpenStack Glance v2 API unrestricted path traversal through filesystem:// scheme
Moderate. CVE-2015-1195 was published for glance (pip) on May 14, 2022.
OpenStack Swift Unauthorized delete of versioned Swift object
Moderate. CVE-2015-1856 was published for swift (pip) on May 14, 2022.
OpenStack Swift metadata constraints are not correctly enforced
Moderate. CVE-2014-7960 was published for swift (pip) on May 17, 2022.
OpenStack Swift allows authenticated users to cause a denial of service
Moderate. CVE-2013-4155 was published for swift (pip) on May 17, 2022.
OpenStack Swift XML external entities (XXE) Injection
Moderate. CVE-2022-47950 was published for swift (pip) on Jan 18, 2023.
OpenStack Horizon Cross-site Scripting (XSS)
Moderate. CVE-2017-7400 was published for horizon (pip) on May 14, 2022.
OpenStack Nova Directory traversal vulnerability
Moderate. CVE-2012-3360 was published for nova (pip) on May 17, 2022.
OpenStack Nova Arbitrary file injection/corruption through directory traversal issues
Moderate. CVE-2012-3361 was published for nova (pip) on May 17, 2022.
OpenStack Nova Information leak in libvirt LVM-backed instances
Moderate. CVE-2012-5625 was published for nova (pip) on May 17, 2022.
OpenStack Compute Nova Improper Access Control
Moderate. CVE-2013-4497 was published for nova (pip) on May 17, 2022.
ProTip! Advisories are also available from the GraphQL API.