GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

114 advisories

graphite-web is vulnerable to Remote Code Execution Critical
CVE-2013-5942 was published for graphite-web (pip) May 17, 2022
Plone Sandbox Bypass Moderate
CVE-2012-5493 was published for Plone (pip) May 17, 2022
Plone python code injection Critical
CVE-2012-5495 was published for plone (pip) May 17, 2022
Plone Code Injection vulnerability High
CVE-2012-5485 was published for Plone (pip) May 17, 2022
Plone Code Injection vulnerability High
CVE-2012-5488 was published for Plone (pip) May 17, 2022
Cobbler vulnerable to code injection via unsafe YAML loading Moderate
CVE-2011-4953 was published for cobbler (pip) May 17, 2022
Code Injection in Django Critical
CVE-2014-0472 was published for Django (pip) May 17, 2022
Cobbler Web Interface Kickstart Template Remote Privilege Escalation Vulnerability High
CVE-2008-6954 was published for cobbler (pip) May 17, 2022
OpenStack Object Storage (swift) Code Injection vulnerability Critical
CVE-2012-4406 was published for swift (pip) May 17, 2022
tqdm Arbitrary Code Execution High
CVE-2016-10075 was published for tqdm (pip) May 14, 2022
OpenStack Swift Unchecked user input in XML responses High
CVE-2013-2161 was published for swift (pip) May 14, 2022
IPython Notebook vulnerable to improper validation of the origin of websocket requests High
CVE-2014-3429 was published for ipython (pip) May 14, 2022
Plone Arbitrary Code Execution via Unsafe Handling of Pickles Critical
CVE-2007-5741 was published for plone (pip) May 1, 2022
Code Injection in PyTorch Lightning Critical
CVE-2022-0845 was published for pytorch-lightning (pip) Mar 6, 2022
Withdrawn: Code Injection in loguru Low
CVE-2022-0329 was published for loguru (pip) Jan 28, 2022 withdrawn
vault-cli contains possible RCE when reading user-defined data Moderate
CVE-2021-43837 was published for vault-cli (pip) Dec 16, 2021
Code injection via unsafe YAML loading High
CVE-2021-43811 was published for sockeye (pip) Dec 9, 2021
Code injection in FreeIPA High
CVE-2019-14867 was published for freeipa (pip) Dec 6, 2021
Code injection in `saved_model_cli` Moderate
CVE-2021-41228 was published for tensorflow (pip) Nov 10, 2021
Code Injection in SLO Generator Moderate
CVE-2021-22557 was published for slo-generator (pip) Oct 5, 2021
Cobbler before 3.3.0 allows log poisoning High
CVE-2021-40323 was published for cobbler (pip) Oct 5, 2021
Improper Input Validation and Command Injection in Ansible High
CVE-2021-3583 was published for ansible (pip) Sep 23, 2021
Code injection in nbgitpuller High
CVE-2021-39160 was published for nbgitpuller (pip) Aug 30, 2021
remote code execution via git repo provider Critical
CVE-2021-39159 was published for binderhub (pip) Aug 30, 2021