Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
44
GitHub Actions
45
Go
3,196
Maven
5,000+
npm
5,000+
NuGet
864
pip
4,483
Pub
12
RubyGems
992
Rust
1,186
Swift
51
Unreviewed advisories
All unreviewed
5,000+

67 advisories

Loading
Plone Unauthorized Access Vulnerability High
CVE-2017-1000483 was published for Plone (pip) May 13, 2022
Improper Access Control in MySQL Connector Python High
CVE-2019-2435 was published for mysql-connector-python (pip) May 13, 2022
slixmpp Incorrect Access Control High
CVE-2019-1000021 was published for slixmpp (pip) May 13, 2022
Improper Access Control in pyftpdlib High
CVE-2009-5012 was published for pyftpdlib (pip) May 2, 2022
MoinMoin Improper Access Control vulnerability High
CVE-2009-4762 was published for moin (pip) May 2, 2022
Roundup Improper Access Control Moderate
CVE-2009-2737 was published for Roundup (pip) May 2, 2022
anonymous4ACL24 Credited to anonymous4ACL24
MoinMoin vulnerable to privilege escalation High
CVE-2008-1937 was published for moin (pip) May 1, 2022
Roundup xml-rpc server improper check of property permissions Critical
CVE-2008-1475 was published for roundup (pip) May 1, 2022
anonymous4ACL24 Credited to anonymous4ACL24
Zope does not properly verify the access for objects with proxy roles High
CVE-2002-0170 was published for zope (pip) Apr 30, 2022
Zope allows attackers to modify raw image and file data Moderate
CVE-2000-1212 was published for zope (pip) Apr 30, 2022
Zope does not properly restrict access to the getRoles method High
CVE-2000-0725 was published for zope (pip) Apr 30, 2022
Incorrect Authorization in calibreweb High
CVE-2022-0273 was published for calibreweb (pip) Jan 31, 2022
Improper Access Control in jupyterhub-firstuseauthenticator Critical
CVE-2021-41194 was published for jupyterhub-firstuseauthenticator (pip) Oct 28, 2021
georgejhunt Credited to georgejhunt
Improper Input Validation in sopel-plugins.channelmgnt High
CVE-2021-21431 was published for sopel-plugins.channelmgnt (pip) Apr 9, 2021
Improper Access Control in Apache Airflow High
CVE-2021-26559 was published for apache-airflow (pip) Apr 7, 2021
sunSUNQ Credited to sunSUNQ
Improper Access Control in novajoin High
CVE-2019-10138 was published for novajoin (pip) Mar 12, 2020
Arbitrary code using "crafted image file" approach affecting Pillow High
CVE-2016-9190 was published for Pillow (pip) Jul 12, 2018
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database