Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,752
Maven
4,982
npm
3,516
NuGet
609
pip
3,090
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

1,444 advisories

Loading
Multiple stored XSS in RBAC Admin screens in Apache Airflow Moderate
CVE-2020-11983 was published for apache-airflow (pip) Jul 27, 2020
CSRF tokens leaked in URL by canned query form Moderate
GHSA-q6j3-c4wc-63vw was published for datasette (pip) Aug 11, 2020
Session Fixation in Tryton Moderate
CVE-2018-19443 was published for tryton (pip) Nov 29, 2018
JSNAPy allows unprivileged local users to alter files under the directory Moderate
CVE-2018-0023 was published for jsnapy (pip) Jul 12, 2018
Moderate severity vulnerability that affects Products.PlonePAS Moderate
CVE-2009-0662 was published for Products.PlonePAS (pip) Jul 23, 2018
markdown2 is vulnerable to cross-site scripting Moderate
CVE-2018-5773 was published for markdown2 (pip) Jul 12, 2018
woodruffw
Moderate severity vulnerability that affects Plone Moderate
CVE-2012-5503 was published for Plone (pip) Jul 23, 2018
Cross-site Scripting in invenio-previewer Moderate
CVE-2019-1020019 was published for invenio-previewer (pip) Jul 16, 2019
Moderate severity vulnerability that affects mailman Moderate
CVE-2018-13796 was published for mailman (pip) Sep 11, 2018
Moderate severity vulnerability that affects mayan-edms Moderate
CVE-2018-16405 was published for mayan-edms (pip) Sep 6, 2018
Cross site scripting in flask-admin Moderate
CVE-2018-16516 was published for flask-admin (pip) Dec 19, 2018
born2discover
Moderate severity vulnerability that affects roundup Moderate
CVE-2019-10904 was published for roundup (pip) Apr 9, 2019
Moderate severity vulnerability that affects django Moderate
CVE-2011-4140 was published for django (pip) Jul 23, 2018
Moderate severity vulnerability that affects feedparser Moderate
CVE-2012-2921 was published for feedparser (pip) Jul 24, 2018
Moderate severity vulnerability that affects Plone and Zope2 Moderate
CVE-2012-5507 was published for Plone (pip) Jul 23, 2018
Moderate severity vulnerability that affects invenio-app Moderate
CVE-2019-1020006 was published for invenio-app (pip) Jul 16, 2019
Moderate severity vulnerability that affects feedparser Moderate
CVE-2011-1157 was published for feedparser (pip) Jul 23, 2018
Moderate severity vulnerability that affects Plone and Zope2 Moderate
CVE-2012-5489 was published for Plone (pip) Jul 23, 2018
Moderate severity vulnerability that affects feedparser Moderate
CVE-2011-1156 was published for feedparser (pip) Jul 23, 2018
Moderate severity vulnerability that affects feedparser Moderate
CVE-2011-1158 was published for feedparser (pip) Jul 23, 2018
Moderate severity vulnerability that affects moin Moderate
CVE-2017-5934 was published for moin (pip) Jan 4, 2019
Moderate severity vulnerability that affects Plone and Zope2 Moderate
CVE-2012-6661 was published for Plone (pip) Jul 23, 2018
Moderate severity vulnerability that affects Plone and plone.app.users Moderate
CVE-2011-1950 was published for Plone (pip) Jul 23, 2018
Moderate severity vulnerability that affects mayan-edms Moderate
CVE-2018-16406 was published for mayan-edms (pip) Sep 6, 2018
Moderate severity vulnerability that affects mayan-edms Moderate
CVE-2018-16407 was published for mayan-edms (pip) Sep 6, 2018
ProTip! Advisories are also available from the GraphQL API