Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

279 advisories

Loading
Vyper's external calls can overflow return data to return input buffer Low
CVE-2024-24560 was published for vyper (pip) Feb 2, 2024
zobront
Vyper's `_abi_decode` vulnerable to Memory Overflow Low
CVE-2024-26149 was published for vyper (pip) Feb 26, 2024
minaminao-osec
Vyper sha3 codegen bug Low
CVE-2024-24559 was published for vyper (pip) Feb 5, 2024
cyberthirst kuroi8
Apache Airflow does not return the "Cache-Control" header for dynamic content Low
CVE-2024-25142 was published for apache-airflow (pip) Jun 14, 2024
zenml-io/zenml does not expire the session after password reset Low
CVE-2024-4680 was published for zenml (pip) Jun 8, 2024
tqdm CLI arguments injection attack Low
CVE-2024-34062 was published for tqdm (pip) May 3, 2024
CopperEagle
Improper authentication in zenml Low
CVE-2024-2213 was published for zenml (pip) Jun 6, 2024
Cross site scripting in zenml Low
CVE-2024-2171 was published for zenml (pip) Jun 6, 2024
Race condition in zenml Low
CVE-2024-2032 was published for zenml (pip) Jun 6, 2024
Arbitrary JavaScript execution due to using outdated libraries Low
GHSA-4m3g-6r7g-jv4f was published for gradio_pdf (pip) Jun 5, 2024
isacaya
Slack integration leaks sensitive information in logs Low
CVE-2024-35196 was published for sentry (pip) Jun 2, 2024
asottile asottile-sentry
Fides Webserver Logs Hosted Database Password Partial Exposure Vulnerability Low
CVE-2024-34715 was published for ethyca-fides (pip) May 29, 2024
tariqajyusuf pattisdr
vantage6 collaboration admins can extend their influence by expanding the collaboration Low
CVE-2024-32969 was published for vantage6 (pip) May 22, 2024
Django vulnerable to Denial of Service via i18n middleware component Low
CVE-2007-5712 was published for Django (pip) May 1, 2022
MarkLee131
Django data leakage via querystring manipulation in admin Low
CVE-2014-0483 was published for Django (pip) May 14, 2022
MarkLee131
OpenStack Glance sensitive information disclosure via logs Low
CVE-2014-1948 was published for glance (pip) May 17, 2022
OpenStack Glance is vulnerable to Exposure of Sensitive Information Low
CVE-2013-1840 was published for glance (pip) May 17, 2022
OpenStack Nova Changing vnic_type breaks compute service restart Low
CVE-2022-37394 was published for nova (pip) Aug 4, 2022
OpenStack Compute (Nova) Resource limit circumvention in Nova private flavors Low
CVE-2013-4278 was published for nova (pip) May 17, 2022
OpenStack Cinder LVMVolumeDriver does not zero deleted snapshots Low
CVE-2013-4183 was published for cinder (pip) May 17, 2022
OpenStack Oslo utility sensitive information exposure via log files Low
CVE-2014-7231 was published for oslo.utils (pip) May 14, 2022
OpenStack Keystone Sensitive information disclosure via log files Low
CVE-2013-2006 was published for keystone (pip) May 17, 2022
OpenStack Compute (Nova) Denial of service due to improper validation of virtual size of QCOW2 image Low
CVE-2013-4469 was published for nova (pip) May 17, 2022
OpenStack Nova host data leak to vm instance in rescue mode Low
CVE-2014-0134 was published for nova (pip) May 17, 2022
OpenStack Nova denial of service through compressed disk images Low
CVE-2013-4463 was published for nova (pip) May 17, 2022
ProTip! Advisories are also available from the GraphQL API