GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,902
Maven
5,000+
npm
3,631
NuGet
638
pip
3,246
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
1,477 advisories
Filter by severity
Djblets Cross-site scripting Vulnerability
Moderate
CVE-2014-3995
was published
for
Djblets
(pip)
May 17, 2022
LangChain pickle deserialization of untrusted data
Moderate
CVE-2024-5998
was published
for
langchain-community
(pip)
Sep 17, 2024
Wagtail regular expression denial-of-service via search query parsing
Moderate
CVE-2024-39317
was published
for
wagtail
(pip)
Jul 11, 2024
Reverb use after free vulnerability
Moderate
CVE-2024-8375
was published
for
dm-reverb
(pip)
Sep 19, 2024
Pulp incorrectly assigns RBAC permissions in tasks that create objects
Moderate
CVE-2024-7143
was published
for
pulpcore
(pip)
Aug 7, 2024
Denial-of-service possibility in logout() view by filling session store
Moderate
CVE-2015-5964
was published
for
Django
(pip)
May 17, 2022
Django Cross-site Scripting Vulnerability
Moderate
CVE-2015-0220
was published
for
Django
(pip)
May 17, 2022
Django cross-site scripting (XSS) vulnerability in the AdminURLFieldWidget widget
Moderate
CVE-2013-4249
was published
for
django
(pip)
May 17, 2022
Django denial-of-service possibility in urlize and urlizetrunc template filters
Moderate
CVE-2018-7536
was published
for
Django
(pip)
Jan 4, 2019
Django Data leakage via admin history log
Moderate
CVE-2013-0305
was published
for
Django
(pip)
May 5, 2022
Django is vulnerable to Denial of Service attack in formset
Moderate
CVE-2013-0306
was published
for
Django
(pip)
May 5, 2022
Django allows unprivileged users to read the password hashes of arbitrary accounts
Moderate
CVE-2018-16984
was published
for
django
(pip)
Oct 3, 2018
Django Incorrect HTTP detection with reverse-proxy connecting via HTTPS
Moderate
CVE-2019-12781
was published
for
Django
(pip)
Jul 3, 2019
Django cross-site scripting (XSS) vulnerability via is_safe_url function
Moderate
CVE-2013-6044
was published
for
Django
(pip)
May 17, 2022
Django open redirect and possible XSS attack via user-supplied numeric redirect URLs
Moderate
CVE-2017-7233
was published
for
Django
(pip)
Jan 4, 2019
Django data leakage via querystring manipulation in admin
Moderate
CVE-2014-0483
was published
for
Django
(pip)
May 14, 2022
Django Middleware Enables Session Hijacking
Moderate
CVE-2014-0482
was published
for
Django
(pip)
May 14, 2022
Django cross-site scripting (XSS) attack via user-supplied redirect URLs
Moderate
CVE-2015-2317
was published
for
Django
(pip)
May 14, 2022
Django vulnerable to XSS on 500 pages
Moderate
CVE-2017-12794
was published
for
Django
(pip)
Jan 4, 2019
Django Access Restrictions Bypass
Moderate
CVE-2016-2048
was published
for
django
(pip)
May 17, 2022
Django WSGI Header Spoofing Vulnerability
Moderate
CVE-2015-0219
was published
for
Django
(pip)
May 17, 2022
Django Cross-site Scripting Vulnerability
Moderate
CVE-2015-2241
was published
for
django
(pip)
May 17, 2022
Django settings leak in date template filter
Moderate
CVE-2015-8213
was published
for
Django
(pip)
May 17, 2022
ProTip!
Advisories are also available from the
GraphQL API