GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

3,358 advisories

blosc2 heap-based buffer overflow High
CVE-2020-29367 was published for blosc2 (pip) May 24, 2022
bounter Null pointer reference High
CVE-2021-41497 was published for bounter (pip) Dec 18, 2021
Capstone Integer overflow High
CVE-2017-6952 was published for capstone (pip) May 17, 2022
chia-blockchain tokens can be inflated to an arbitrary extent High
CVE-2022-36447 was published for chia-blockchain (pip) Jul 30, 2022
Designate does not enforce the DNS protocol limit concerning record set sizes Moderate
CVE-2015-5694 was published for designate (pip) May 24, 2022
Designate mDNS DoS through incorrect handling of large RecordSets Moderate
CVE-2015-5695 was published for designate (pip) May 17, 2022
diplib Double Free Moderate
CVE-2021-39432 was published for diplib (pip) Nov 4, 2022
LIEF heap buffer overflow in the LIEF::MachO::BinaryParser::parse_dyldinfo_generic_bind Moderate
CVE-2022-43171 was published for lief (pip) Nov 18, 2022
Zope allows local users to read arbitrary files Low
CVE-2006-3458 was published for Zope2 (pip) May 1, 2022
OpenStack Identity (Keystone) UUID v2 tokens does not expire with revocation events Moderate
CVE-2014-5252 was published for keystone (pip) May 17, 2022
OpenStack Identity (Keystone) Multiple vulnerabilities in revocation events Moderate
CVE-2014-5251 was published for keystone (pip) May 17, 2022
OpenStack Keystone Domain-scoped tokens don't get revoked Moderate
CVE-2014-5253 was published for keystone (pip) May 17, 2022
OpenStack Identity (Keystone) Trustee token revocations does not work with memcache backend Moderate
CVE-2014-2237 was published for keystone (pip) May 17, 2022
OpenStack Identity (Keystone) DoS through V3 API authentication chaining High
CVE-2014-2828 was published for keystone (pip) May 17, 2022
OpenStack Image Service (Glance) allows remote authenticated users to read arbitrary file Moderate
CVE-2015-5163 was published for glance (pip) May 17, 2022
OpenStack Identity Keystone Improper Access Control Moderate
CVE-2016-4911 was published for keystone (pip) May 17, 2022
OpenStack Dashboard (Horizon) Cross-site scripting (XSS) vulnerability Moderate
CVE-2015-3219 was published for horizon (pip) May 17, 2022
OpenStack Glance Denial of service by creating a large number of images Moderate
CVE-2014-9684 was published for glance (pip) May 17, 2022
OpenStack Glance Denial of service by creating a large number of images Moderate
CVE-2015-1881 was published for glance (pip) May 17, 2022
OpenStack Glance Signature Verification Bypass Moderate
CVE-2015-8234 was published for glance (pip) May 17, 2022
OpenStack Horizon Cross-site scripting (XSS) vulnerability Moderate
CVE-2012-2094 was published for horizon (pip) May 17, 2022
OpenStack Horizon Session Fixation Moderate
CVE-2012-2144 was published for horizon (pip) May 17, 2022
OpenStack Glance arbitrary deletion of non-protected images Moderate
CVE-2012-4573 was published for glance (pip) May 17, 2022
OpenStack Glance arbitrary deletion of non-protected images Moderate
CVE-2012-5482 was published for glance (pip) May 17, 2022
OpenStack Keystone intended authorization restrictions bypass Low
CVE-2012-5571 was published for Keystone (pip) May 17, 2022
ProTip! Advisories are also available from the GraphQL API