GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,096
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,654
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+
228 advisories
Filter by severity
OpensStack Neutron Denial of Service Vulnerability
High
CVE-2018-14635
was published
for
neutron
(pip)
May 13, 2022
Tenant and Verifier might not use the same registrar data
Critical
CVE-2022-1053
was published
for
keylime
(pip)
May 5, 2022
ReviewBoard and Djblets library are vulnerable to code execution
Critical
CVE-2013-4409
was published
for
ReviewBoard
(pip)
May 5, 2022
Improper Input Validation in pyftpdlib
Moderate
CVE-2007-6739
was published
for
pyftpdlib
(pip)
May 1, 2022
Improper Input Validation in httpx
Critical
CVE-2021-41945
was published
for
httpx
(pip)
Apr 29, 2022
Username spoofing in OnionShare
Moderate
CVE-2022-21696
was published
for
onionshare-cli
(pip)
Jan 21, 2022
Pipenv's requirements.txt parsing allows malicious index url in comments
High
CVE-2022-21668
was published
for
pipenv
(pip)
Jan 12, 2022
Policies not properly enforced in bluemonday
Moderate
CVE-2021-42576
was published
for
github.com/microcosm-cc/bluemonday
(Go)
Oct 19, 2021
Improper Input Validation in OpenCV
Moderate
CVE-2016-1517
was published
for
opencv-contrib-python
(pip)
Oct 12, 2021
Improper Input Validation and Command Injection in Ansible
High
CVE-2021-3583
was published
for
ansible
(pip)
Sep 23, 2021
Incomplete validation in `QuantizeV2`
High
CVE-2021-37663
was published
for
tensorflow
(pip)
Aug 25, 2021
Incomplete validation in MKL requantization
High
CVE-2021-37665
was published
for
tensorflow
(pip)
Aug 25, 2021
Incomplete validation in `MaxPoolGrad`
Moderate
CVE-2021-37674
was published
for
tensorflow
(pip)
Aug 25, 2021
Missing validation in shape inference for `Dequantize`
Moderate
CVE-2021-37677
was published
for
tensorflow
(pip)
Aug 25, 2021
Segfault on strings tensors with mistmatched dimensions, due to Go code
Moderate
CVE-2021-37692
was published
for
tensorflow
(pip)
Aug 25, 2021
Incomplete validation in `SparseReshape`
Low
CVE-2021-29611
was published
for
tensorflow
(pip)
May 21, 2021
Externally Controlled Reference to a Resource in Another Sphere, Improper Input Validation, and External Control of File Name or Path in Ansible
Moderate
CVE-2019-14905
was published
for
ansible
(pip)
Apr 20, 2021
OS Command Injection and Improper Input Validation in ansible
High
CVE-2019-14904
was published
for
ansible
(pip)
Apr 20, 2021
Improper Input Validation in PyYAML
Critical
CVE-2020-1747
was published
for
pyyaml
(pip)
Apr 20, 2021
ProTip!
Advisories are also available from the
GraphQL API