GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,472 advisories
Exposure of Sensitive Information to an Unauthorized Actor in Products.PluggableAuthService ZODBRoleManager
Moderate • CVE-2021-21336 was published for Products.PluggableAuthService (pip) • Mar 8, 2021

Denial of service attack via .well-known lookups
Moderate • CVE-2021-21274 was published for matrix-synapse (pip) • Mar 1, 2021

Open redirects on some federation and push requests
Moderate • CVE-2021-21273 was published for matrix-synapse (pip) • Feb 26, 2021

Cross-Site Scripting
Moderate • GHSA-94ww-22rx-493x was published for flower (pip) • Feb 24, 2021 • withdrawn

Cross-Site Scripting
Moderate • GHSA-57h7-r3q3-w57j was published for djangorestframework (pip) • Feb 24, 2021 • withdrawn

Improper Verification of Cryptographic Signature in PySAML2
Moderate • CVE-2021-21239 was published for pysaml2 (pip) • Jan 21, 2021

lxml vulnerable to Cross-site Scripting
Moderate • CVE-2020-27783 was published for lxml (pip) • Jan 7, 2021

Jupyter Server open redirect vulnerability
Moderate • CVE-2020-26275 was published for jupyter-server (pip) • Dec 21, 2020

SSRF vulnerability in Apache Airflow
Moderate • CVE-2020-17513 was published for apache-airflow (pip) • Dec 17, 2020

Multiple cryptographic issues in Python oic
Moderate • CVE-2020-26244 was published for oic (pip) • Dec 4, 2020

Open redirect in Jupyter Server
Moderate • CVE-2020-26232 was published for jupyter-server (pip) • Nov 24, 2020

RSA decryption vulnerable to Bleichenbacher timing vulnerability
Moderate • CVE-2020-25659 was published for cryptography (pip) • Oct 27, 2020

Unauthorized privilege escalation in Mod module
Moderate • CVE-2020-15278 was published for red-discordbot (pip) • Oct 27, 2020

Arbitrary Code Execution in blazar-dashboard
Moderate • CVE-2020-26943 was published for blazar-dashboard (pip) • Oct 27, 2020

Cross-site scripting (XSS) vulnerability in the fallback authentication endpoint
Moderate • CVE-2020-26891 was published for matrix-synapse (pip) • Oct 16, 2020

Denial of service in tensorflow-lite
Moderate • CVE-2020-15213 was published for tensorflow (pip) • Sep 25, 2020

Segmentation fault in tensorflow-lite
Moderate • CVE-2020-15210 was published for tensorflow (pip) • Sep 25, 2020

Out of bounds access in tensorflow-lite
Moderate • CVE-2020-15211 was published for tensorflow (pip) • Sep 25, 2020

Null pointer dereference in tensorflow-lite
Moderate • CVE-2020-15209 was published for tensorflow (pip) • Sep 25, 2020

Heap buffer overflow in Tensorflow
Moderate • CVE-2020-15201 was published for tensorflow (pip) • Sep 25, 2020

Denial of Service in Tensorflow
Moderate • CVE-2020-15197 was published for tensorflow (pip) • Sep 25, 2020

ProTip! Advisories are also available from the GraphQL API.