GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

183 advisories

OpenStack Image Service (Glance) allows remote authenticated users to read arbitrary file High
CVE-2015-5163 was published for glance (pip) May 17, 2022
tdunlap607
jwcrypto lacks the Random Filling protection mechanism Moderate
CVE-2016-6298 was published for jwcrypto (pip) May 17, 2022
ceph-deploy allows local users to obtain sensitive information by reading the file Low
CVE-2015-3010 was published for ceph-deploy (pip) May 17, 2022
Django settings leak in date template filter Moderate
CVE-2015-8213 was published for Django (pip) May 17, 2022
sunSUNQ
OpenStack Cinder file disclosure in image convert Moderate
CVE-2015-1851 was published for cinder (pip) May 17, 2022
Django Reuses Cached CSRF Token High
CVE-2014-0473 was published for Django (pip) May 17, 2022
MarkLee131
Plone vulnerable to unauthorized disclosure of site content Moderate
CVE-2016-4042 was published for Plone (pip) May 17, 2022
Salt uses weak permissions on the cache data Low
CVE-2015-8034 was published for salt (pip) May 17, 2022
Weblate user account enumeration via reset password form Moderate
CVE-2017-5537 was published for weblate (pip) May 17, 2022
SaltStack Salt Information Exposure High
CVE-2017-8109 was published for salt (pip) May 17, 2022
txAWS AWSServiceEndpoint defaults to not verifying server certificates High
CVE-2017-1000007 was published for txaws (pip) May 17, 2022
salt password information leaked in debug logs Critical
CVE-2015-6941 was published for salt (pip) May 17, 2022
OpenStack Glance is vulnerable to Exposure of Sensitive Information Low
CVE-2013-1840 was published for glance (pip) May 17, 2022
OpenStack Nova Live migration can leak root disk into ephemeral storage High
CVE-2013-7130 was published for nova (pip) May 17, 2022
Django User Enumeration Vulnerability Low
CVE-2016-2513 was published for django (pip) May 17, 2022
MarkLee131
python-keystoneclient unsecure user password update Low
CVE-2013-2013 was published for python-keystoneclient (pip) May 17, 2022
salt leaks git usernames and passwords to the log Moderate
CVE-2015-6918 was published for salt (pip) May 17, 2022
OpenStack Heat template URL information leakage Low
CVE-2014-3801 was published for openstack-heat (pip) May 14, 2022
OpenStack Object Storage (Swift) Sensitive Data Exposure Moderate
CVE-2015-5223 was published for swift (pip) May 14, 2022
Libcloud does not properly scrub data when destroying a DigitalOcean node Low
CVE-2013-6480 was published for apache-libcloud (pip) May 14, 2022
Exposure of Sensitive Information to an Unauthorized Actor in Requests Moderate
CVE-2014-1830 was published for requests (pip) May 14, 2022
Django data leakage via querystring manipulation in admin Moderate
CVE-2014-0483 was published for Django (pip) May 14, 2022
MarkLee131
OpenStack Nova Potential Xen connection password leak via StorageError Moderate
CVE-2015-8749 was published for nova (pip) May 14, 2022