GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,249
Erlang
31
GitHub Actions
21
Go
2,018
Maven
5,000+
npm
3,723
NuGet
662
pip
3,400
Pub
11
RubyGems
890
Rust
857
Swift
36
Unreviewed advisories
All unreviewed
5,000+
280 advisories
Filter by severity
Django DNS Rebinding Vulnerability
Critical
CVE-2016-9014
was published
for
Django
(pip)
May 17, 2022
Django vulnerable to Denial of Service via i18n middleware component
High
CVE-2007-5712
was published
for
Django
(pip)
May 1, 2022
Improper query string handling in Django
High
CVE-2010-4534
was published
for
Django
(pip)
Jul 23, 2018
Django contains Uncontrolled Resource Consumption via cached header
High
CVE-2023-23969
was published
for
django
(pip)
Feb 1, 2023
Denial-of-service possibility in logout() view by filling session store
Moderate
CVE-2015-5964
was published
for
Django
(pip)
May 17, 2022
Django database denial-of-service with ModelMultipleChoiceField
High
CVE-2015-0222
was published
for
Django
(pip)
May 17, 2022
Django vulnerable to information leakage in AuthenticationForm
High
CVE-2018-6188
was published
for
Django
(pip)
Oct 3, 2018
Django data leakage via querystring manipulation in admin
Moderate
CVE-2014-0483
was published
for
Django
(pip)
May 14, 2022
Django cross-site scripting (XSS) attack via user-supplied redirect URLs
Moderate
CVE-2015-2317
was published
for
Django
(pip)
May 14, 2022
Django Denial-of-service possibility with strip_tags
High
CVE-2015-2316
was published
for
Django
(pip)
May 14, 2022
Django user with hardcoded password created when running tests on Oracle
Critical
CVE-2016-9013
was published
for
Django
(pip)
May 17, 2022
Django vulnerable to XSS on 500 pages
Moderate
CVE-2017-12794
was published
for
Django
(pip)
Jan 4, 2019
Django Denial-of-service by filling session store
High
CVE-2015-5143
was published
for
Django
(pip)
Jul 5, 2019
Django allows user sessions hijacking via an empty string in the session key
Moderate
CVE-2015-3982
was published
for
Django
(pip)
May 17, 2022
Django denial of service via empty session record creation
Moderate
CVE-2015-5963
was published
for
Django
(pip)
May 17, 2022
ProTip!
Advisories are also available from the
GraphQL API