GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
275 advisories
`CHECK` failure in `SobolSample` via missing validation
Severity: Low. GHSA-cqvq-fvhr-v6hc was published for tensorflow (pip) on Nov 21, 2022.
`CHECK` fail in `TensorListScatter` and `TensorListScatterV2` in eager mode
Severity: Low. GHSA-xf83-q765-xm6m was published for tensorflow (pip) on Nov 21, 2022.
rdiffweb vulnerable to Improper Cleanup on Thrown Exception
Severity: Low. CVE-2022-3301 was published for rdiffweb (pip) on Sep 27, 2022.
OctoPrint vulnerable to Unrestricted Upload of File with Dangerous Type
Severity: Low. CVE-2022-2872 was published for OctoPrint (pip) on Sep 22, 2022.
TensorFlow vulnerable to `CHECK`-fail in `tensorflow::full_type::SubstituteFromAttrs`
Severity: Low. CVE-2022-36016 was published for tensorflow (pip) on Sep 16, 2022.
TensorFlow vulnerable to integer overflow in math ops
Severity: Low. CVE-2022-36015 was published for tensorflow (pip) on Sep 16, 2022.
Python-TUF vulnerable to incorrect threshold signature computation for new root metadata
Severity: Low. GHSA-r7vq-6425-j94w was published for tuf (pip) on Sep 15, 2022.
OctoPrint does not have rate limiting on the login page
Severity: Low. CVE-2022-2822 was published for OctoPrint (pip) on Aug 16, 2022.
OpenStack Nova Changing vnic_type breaks compute service restart
Severity: Low. CVE-2022-37394 was published for nova (pip) on Aug 4, 2022.
Flask-AppBuilder before v4.1.3 allows inference of sensitive information through query strings
Severity: Low. CVE-2022-31177 was published for Flask-AppBuilder (pip) on Jul 29, 2022.
Cabot Cross Site Scripting (XSS) vulnerability via Endpoint column
Severity: Low. CVE-2020-7734 was published for cabot (pip) on May 24, 2022.
OpenStack Nova can leak consoleauth token into log files
Severity: Low. CVE-2015-9543 was published for Nova (pip) on May 24, 2022.
Virtualenv Allows Symlink Attack on /tmp/
Severity: Low. CVE-2011-4617 was published for virtualenv (pip) on May 17, 2022.
OpenStack Nova Scheduler denial of service through scheduler_hints
Severity: Low. CVE-2012-3371 was published for Nova (pip) on May 17, 2022.
OpenStack Compute (Nova) Resource limit circumvention in Nova private flavors
Severity: Low. CVE-2013-4278 was published for nova (pip) on May 17, 2022.
OpenStack Cinder LVMVolumeDriver does not zero deleted snapshots
Severity: Low. CVE-2013-4183 was published for cinder (pip) on May 17, 2022.
OpenStack Identity Keystone Privilege Escalation vulnerability
Severity: Low. CVE-2013-4477 was published for keystone (pip) on May 17, 2022.
OpenStack Glance sensitive information disclosure via logs
Severity: Low. CVE-2014-1948 was published for glance (pip) on May 17, 2022.
Plone is vulnerable to File System Path Exposure
Severity: Low. CVE-2013-4194 was published for plone (pip) on May 17, 2022.
Plone Denial of Service vulnerability via decompressing large zip archives
Severity: Low. CVE-2013-4199 was published for plone (pip) on May 17, 2022.
OpenStack Nova VMWare driver leaks rescued images
Severity: Low. CVE-2014-2573 was published for nova (pip) on May 17, 2022.
OpenStack Keystone Sensitive information disclosure via log files
Severity: Low. CVE-2013-2006 was published for keystone (pip) on May 17, 2022.
OpenStack Nova denial of service through compressed disk images
Severity: Low. CVE-2013-4463 was published for nova (pip) on May 17, 2022.
OpenStack Nova host data leak to vm instance in rescue mode
Severity: Low. CVE-2014-0134 was published for nova (pip) on May 17, 2022.
OpenStack Compute (Nova) Denial of service due to improper validation of virtual size of QCOW2 image
Severity: Low. CVE-2013-4469 was published for nova (pip) on May 17, 2022.
ProTip! Advisories are also available from the GraphQL API.