Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,680
Maven
5,000+
npm
4,308
NuGet
760
pip
4,081
Pub
12
RubyGems
958
Rust
1,061
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,556 advisories

Loading
Improper Input Validation in python-dbusmock High
CVE-2015-1326 was published for python-dbusmock (pip) Apr 23, 2019
Null pointer dereference in TensorFlow leads to exploitation High
CVE-2018-7576 was published for tensorflow (pip) Apr 24, 2019
Improper Restriction of Operations within the Bounds of a Memory Buffer in Google TensorFlow High
CVE-2018-8825 was published for tensorflow (pip) Apr 24, 2019
tdunlap607
Credited to tdunlap607
NULL Pointer Dereference in Google TensorFlow High
CVE-2019-9635 was published for tensorflow (pip) Apr 30, 2019
Rejected CVE ID High
CVE-2018-7574 was published for tensorflow (pip) Apr 30, 2019 withdrawn
Improper Restriction of Operations within the Bounds of a Memory Buffer in Google TensorFlow High
CVE-2018-10055 was published for tensorflow (pip) Apr 30, 2019
Improper Input Validation in Google TensorFlow High
CVE-2018-7577 was published for tensorflow (pip) Apr 30, 2019
Code Injection in PyXDG High
CVE-2019-12761 was published for pyxdg (pip) Jun 7, 2019
Deserialization vulnerability exists in parso High
CVE-2019-12760 was published for parso (pip) Jun 13, 2019 withdrawn
postfix-mta-sts-resolver Algorithm Downgrade vulnerability High
CVE-2019-16791 was published for postfix-mta-sts-resolver (pip) Jul 5, 2019
Django Denial-of-service by filling session store High
CVE-2015-5143 was published for Django (pip) Jul 5, 2019
MarkLee131
Credited to MarkLee131
HPACK Denial of Service vulnerability (HPACK Bomb) High
CVE-2016-6581 was published for hpack (pip) Jul 5, 2019
Python-saml allows manipulation of SAML data without invalidation of cryptographic signature High
CVE-2017-11427 was published for python-saml (pip) Jul 5, 2019
XML Injection in python-libnmap High
CVE-2019-1010017 was published for python-libnmap (pip) Jul 18, 2019
Pallets Project Flask is vulnerable to Denial of Service via Unexpected memory usage High
CVE-2019-1010083 was published for flask (pip) Jul 19, 2019
Infinite Loop in scapy High
CVE-2019-1010142 was published for scapy (pip) Jul 22, 2019
Aubio is vulnerable to a NULL pointer dereference in new_aubio_filterbank High
CVE-2018-19801 was published for aubio (pip) Jul 26, 2019
Aubio is vulnerable to a NULL pointer dereference in new_aubio_notes function High
CVE-2018-19802 was published for aubio (pip) Jul 26, 2019
tdunlap607
Credited to tdunlap607
python-engineio vulnerable to Cross-Site Request Forgery (CSRF) High
CVE-2019-13611 was published for python-engineio (pip) Jul 30, 2019
Django Denial-of-service in django.utils.text.Truncator High
CVE-2019-14232 was published for Django (pip) Aug 6, 2019
Uncontrolled Recursion in Django High
CVE-2019-14235 was published for Django (pip) Aug 6, 2019
Django Denial-of-service in strip_tags() High
CVE-2019-14233 was published for Django (pip) Aug 6, 2019
Sensitive data written to disk unencrypted in Spark High
CVE-2019-10099 was published for org.apache.spark:spark-core_2.11 (Maven) Aug 8, 2019
Pallets Werkzeug Insufficient Entropy High
CVE-2019-14806 was published for werkzeug (pip) Aug 21, 2019
NLTK Vulnerable To Path Traversal High
CVE-2019-14751 was published for nltk (pip) Aug 23, 2019
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database