Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

53 advisories

Loading
Improper Input Validation in PyYAML Critical
CVE-2020-1747 was published for pyyaml (pip) Apr 20, 2021
tdunlap607 amita-seal
Improper Restriction of Operations within the Bounds of a Memory Buffer in Google TensorFlow High
CVE-2018-8825 was published for tensorflow (pip) Apr 24, 2019
tdunlap607
Improper Restriction of XML External Entity Reference in python-docx High
CVE-2016-5851 was published for python-docx (pip) May 13, 2022
tdunlap607
XML External Entity Injection in PyWPS High
CVE-2021-39371 was published for pywps (pip) Sep 2, 2021
tdunlap607
Command Injection in Pygments Critical
CVE-2015-8557 was published for Pygments (pip) May 17, 2022
tdunlap607
PyKMIP Denial of service vulnerability High
CVE-2018-1000872 was published for pykmip (pip) Dec 21, 2018
tdunlap607
Sentry vulnerable to invite code reuse via cookie manipulation Moderate
CVE-2022-23485 was published for sentry (pip) Dec 12, 2022
tdunlap607
pysaml2 Improper Authentication vulnerability Critical
CVE-2017-1000433 was published for pysaml2 (pip) Jul 13, 2018
tdunlap607
PyOpenSSL Use-After-Free vulnerability High
CVE-2018-1000807 was published for pyopenssl (pip) Oct 10, 2018
tdunlap607
CRLF Injection in pypiserver Moderate
CVE-2019-6802 was published for pypiserver (pip) Jan 30, 2019
tdunlap607
Plone User account enumeration via crafted URL Moderate
CVE-2012-5497 was published for plone (pip) May 17, 2022
tdunlap607
Out-of-bounds Read in Pillow Moderate
CVE-2022-22816 was published for Pillow (pip) Jan 12, 2022
tdunlap607
Potential infinite loop in Pillow High
CVE-2021-28676 was published for Pillow (pip) Jun 8, 2021
tdunlap607
Plone Code Injection vulnerability High
CVE-2012-5488 was published for Plone (pip) May 17, 2022
tdunlap607
Out of bounds read in Pillow High
CVE-2021-25291 was published for Pillow (pip) Mar 29, 2021
tdunlap607 sunSUNQ
Buffer Overflow in Pillow Critical
CVE-2021-34552 was published for pillow (pip) Oct 5, 2021
tdunlap607
Regular Expression Denial of Service (ReDoS) in Jinja2 Moderate
CVE-2020-28493 was published for jinja2 (pip) Mar 19, 2021
tdunlap607
Cross-site Scripting in invenio-communities Moderate
CVE-2019-1020005 was published for invenio-communities (pip) Jul 16, 2019
tdunlap607
Open Redirect in Flask-Security-Too Low
CVE-2021-32618 was published for Flask-Security-Too (pip) May 17, 2021
tdunlap607
Flask is vulnerable to Denial of Service via incorrect encoding of JSON data High
CVE-2018-1000656 was published for flask (pip) Aug 23, 2018
tdunlap607
GitPython vulnerable to Remote Code Execution due to improper user input validation High
CVE-2022-24439 was published for GitPython (pip) Dec 6, 2022
ad-m-ss tdunlap607
Django Access Control Bypass possibly leading to SSRF, RFI, and LFI attacks High
CVE-2021-33571 was published for Django (pip) Jun 10, 2021
tdunlap607
XSS in Django Moderate
CVE-2020-13596 was published for Django (pip) Jun 5, 2020
tdunlap607
Cross-site Scripting in Django Moderate
CVE-2022-22818 was published for django (pip) Feb 4, 2022
tdunlap607
Infinite Loop in Django High
CVE-2022-23833 was published for Django (pip) Feb 4, 2022
tdunlap607 MarkLee131
ProTip! Advisories are also available from the GraphQL API