GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,298
Erlang
31
GitHub Actions
21
Go
2,063
Maven
5,000+
npm
3,744
NuGet
668
pip
3,424
Pub
12
RubyGems
892
Rust
876
Swift
36
Unreviewed advisories
All unreviewed
5,000+
269 advisories
Filter by severity
RPLY Predictable Tmpfile Names Allows Cache Spoofing
Low
CVE-2014-1604
was published
for
RPLY
(pip)
May 17, 2022
OpenStack Glance is vulnerable to Exposure of Sensitive Information
Low
CVE-2013-1840
was published
for
glance
(pip)
May 17, 2022
OpenStack Keystone intended authorization restrictions bypass
Low
CVE-2012-5571
was published
for
Keystone
(pip)
May 17, 2022
Openstack Compute (Nova) Denial of service via network request that triggers large number of iptables rules
Low
CVE-2012-2101
was published
for
nova
(pip)
May 17, 2022
Salt uses weak permissions on the cache data
Low
CVE-2015-8034
was published
for
salt
(pip)
May 17, 2022
ceph-deploy allows local users to obtain sensitive information by reading the file
Low
CVE-2015-3010
was published
for
ceph-deploy
(pip)
May 17, 2022
OpenStack Neutron Race condition vulnerability
Low
CVE-2015-5240
was published
for
neutron
(pip)
May 17, 2022
ceph-deploy uses world-readable permissions on client.admin key
Low
CVE-2015-4053
was published
for
ceph-deploy
(pip)
May 17, 2022
OpenStack Nova host data leak to vm instance in rescue mode
Low
CVE-2014-0134
was published
for
nova
(pip)
May 17, 2022
OpenStack Compute (Nova) Denial of service due to improper validation of virtual size of QCOW2 image
Low
CVE-2013-4469
was published
for
nova
(pip)
May 17, 2022
OpenStack Nova denial of service through compressed disk images
Low
CVE-2013-4463
was published
for
nova
(pip)
May 17, 2022
OpenStack Keystone Sensitive information disclosure via log files
Low
CVE-2013-2006
was published
for
keystone
(pip)
May 17, 2022
Plone Multiple open redirect vulnerabilities
Low
CVE-2013-4195
was published
for
plone
(pip)
May 17, 2022
Plone Denial of Service vulnerability via decompressing large zip archives
Low
CVE-2013-4199
was published
for
plone
(pip)
May 17, 2022
OpenStack Identity Keystone Privilege Escalation vulnerability
Low
CVE-2013-4477
was published
for
keystone
(pip)
May 17, 2022
OpenStack Compute (Nova) Resource limit circumvention in Nova private flavors
Low
CVE-2013-4278
was published
for
nova
(pip)
May 17, 2022
OpenStack Nova Scheduler denial of service through scheduler_hints
Low
CVE-2012-3371
was published
for
Nova
(pip)
May 17, 2022
OpenStack Nova can leak consoleauth token into log files
Low
CVE-2015-9543
was published
for
Nova
(pip)
May 24, 2022
Cabot Cross Site Scripting (XSS) vulnerability via Endpoint column
Low
CVE-2020-7734
was published
for
cabot
(pip)
May 24, 2022
Flask-AppBuilder before v4.1.3 allows inference of sensitive information through query strings
Low
CVE-2022-31177
was published
for
Flask-AppBuilder
(pip)
Jul 29, 2022
OpenStack Nova Changing vnic_type breaks compute service restart
Low
CVE-2022-37394
was published
for
nova
(pip)
Aug 4, 2022
OctoPrint does not have rate limiting on the login page
Low
CVE-2022-2822
was published
for
OctoPrint
(pip)
Aug 16, 2022
Python-TUF vulnerable to incorrect threshold signature computation for new root metadata
Low
GHSA-r7vq-6425-j94w
was published
for
tuf
(pip)
Sep 15, 2022
TensorFlow vulnerable to integer overflow in math ops
Low
CVE-2022-36015
was published
for
tensorflow
(pip)
Sep 16, 2022
ProTip!
Advisories are also available from the
GraphQL API