
GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

1,472 advisories

Exposure of Sensitive Information to an Unauthorized Actor in Products.PluggableAuthService ZODBRoleManager Moderate
CVE-2021-21336 was published for Products.PluggableAuthService (pip) Mar 8, 2021
chutchut
Denial of service attack via .well-known lookups Moderate
CVE-2021-21274 was published for matrix-synapse (pip) Mar 1, 2021
mscherer
Open redirects on some federation and push requests Moderate
CVE-2021-21273 was published for matrix-synapse (pip) Feb 26, 2021
mscherer
Cross-Site Scripting Moderate
GHSA-94ww-22rx-493x was published for flower (pip) Feb 24, 2021 withdrawn
Cross-Site Scripting Moderate
GHSA-57h7-r3q3-w57j was published for djangorestframework (pip) Feb 24, 2021 withdrawn
Cross-site scripting in Bleach Moderate
CVE-2021-23980 was published for bleach (pip) Feb 2, 2021
Improper Verification of Cryptographic Signature in PySAML2 Moderate
CVE-2021-21239 was published for pysaml2 (pip) Jan 21, 2021
bawolff
lxml vulnerable to Cross-site Scripting Moderate
CVE-2020-27783 was published for lxml (pip) Jan 7, 2021
Jupyter Server open redirect vulnerability Moderate
CVE-2020-26275 was published for jupyter-server (pip) Dec 21, 2020
Yaniv-git
SSRF vulnerability in Apache Airflow Moderate
CVE-2020-17513 was published for apache-airflow (pip) Dec 17, 2020
sunSUNQ
Multiple cryptographic issues in Python oic Moderate
CVE-2020-26244 was published for oic (pip) Dec 4, 2020
F3r0C17Y mladevbb
CheariX
Memory leak in Nanopb Moderate
CVE-2020-26243 was published for nanopb (pip) Nov 25, 2020
Open redirect in Jupyter Server Moderate
CVE-2020-26232 was published for jupyter-server (pip) Nov 24, 2020
RSA decryption vulnerable to Bleichenbacher timing vulnerability Moderate
CVE-2020-25659 was published for cryptography (pip) Oct 27, 2020
tomato42
Unauthorized privilege escalation in Mod module Moderate
CVE-2020-15278 was published for red-discordbot (pip) Oct 27, 2020
Jackenmen
Arbitrary Code Execution in blazar-dashboard Moderate
CVE-2020-26943 was published for blazar-dashboard (pip) Oct 27, 2020
Cross-site scripting (XSS) vulnerability in the fallback authentication endpoint Moderate
CVE-2020-26891 was published for matrix-synapse (pip) Oct 16, 2020
dkasak
Denial of service in tensorflow-lite Moderate
CVE-2020-15213 was published for tensorflow (pip) Sep 25, 2020
Segmentation fault in tensorflow-lite Moderate
CVE-2020-15210 was published for tensorflow (pip) Sep 25, 2020
Out of bounds access in tensorflow-lite Moderate
CVE-2020-15211 was published for tensorflow (pip) Sep 25, 2020
Null pointer dereference in tensorflow-lite Moderate
CVE-2020-15209 was published for tensorflow (pip) Sep 25, 2020
Segfault in Tensorflow Moderate
CVE-2020-15204 was published for tensorflow (pip) Sep 25, 2020
Heap buffer overflow in Tensorflow Moderate
CVE-2020-15201 was published for tensorflow (pip) Sep 25, 2020
Segfault in Tensorflow Moderate
CVE-2020-15200 was published for tensorflow (pip) Sep 25, 2020
Denial of Service in Tensorflow Moderate
CVE-2020-15197 was published for tensorflow (pip) Sep 25, 2020
ProTip! Advisories are also available from the GraphQL API