Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,300
Erlang
31
GitHub Actions
21
Go
2,069
Maven
5,000+
npm
3,744
NuGet
668
pip
3,429
Pub
12
RubyGems
892
Rust
880
Swift
36
Unreviewed advisories
All unreviewed
5,000+

171 advisories

Loading
Denial-of-service possibility in logout() view by filling session store Moderate
CVE-2015-5964 was published for Django (pip) May 17, 2022
MarkLee131
Django XSS Vulnerability Moderate
CVE-2016-2512 was published for Django (pip) May 17, 2022
MarkLee131
Django data leakage via querystring manipulation in admin Moderate
CVE-2014-0483 was published for Django (pip) May 14, 2022
MarkLee131
Django cross-site scripting (XSS) attack via user-supplied redirect URLs Moderate
CVE-2015-2317 was published for Django (pip) May 14, 2022
MarkLee131
Django vulnerable to XSS on 500 pages Moderate
CVE-2017-12794 was published for Django (pip) Jan 4, 2019
MarkLee131
Django open redirect Moderate
CVE-2017-7234 was published for django (pip) Jan 4, 2019
MarkLee131
Django allows user sessions hijacking via an empty string in the session key Moderate
CVE-2015-3982 was published for Django (pip) May 17, 2022
MarkLee131
Django denial of service via empty session record creation Moderate
CVE-2015-5963 was published for Django (pip) May 17, 2022
MarkLee131
Django open redirect Moderate
CVE-2018-14574 was published for Django (pip) Oct 4, 2018
MarkLee131
Improper date handling in Django Moderate
CVE-2010-4535 was published for Django (pip) Jul 23, 2018
MarkLee131
Session manipulation in Django Moderate
CVE-2011-4136 was published for Django (pip) Jul 23, 2018
MarkLee131
Django Cross-site scripting (XSS) vulnerability Moderate
CVE-2008-2302 was published for django (pip) May 1, 2022
MarkLee131
Regular expression denial-of-service in Django Moderate
CVE-2024-27351 was published for django (pip) Mar 15, 2024
MarkLee131
XML External Entity (XXE) in Django Moderate
CVE-2013-1665 was published for Django (pip) May 17, 2022
MarkLee131
Django Improper Access Control Moderate
CVE-2007-0405 was published for Django (pip) May 1, 2022
MarkLee131
XML Entity Expansion (XEE) in Django Moderate
CVE-2013-1664 was published for Django (pip) May 17, 2022
MarkLee131
Improper Input Validation in Apache POI Moderate
CVE-2014-3574 was published for org.apache.poi:poi (Maven) May 17, 2022
MarkLee131
Improper Authentication in Hibernate Validator Moderate
CVE-2014-3558 was published for org.hibernate:hibernate-validator (Maven) May 14, 2022
MarkLee131
Improper Restriction of XML External Entity Reference in Apache POI Moderate
CVE-2014-3529 was published for org.apache.poi:poi (Maven) May 17, 2022
MarkLee131
Improper Input Validation in Apache Tomcat Moderate
CVE-2014-0227 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
MarkLee131
Netty denial of service vulnerability Moderate
CVE-2014-0193 was published for io.netty:netty (Maven) May 13, 2022
MarkLee131
Improper Verification of Cryptographic Signature in org.apache.httpcomponents:httpclient Moderate
CVE-2014-3577 was published for org.apache.httpcomponents:httpclient (Maven) Oct 17, 2018
MarkLee131
Improper Input Validation in Apache Santuario XML Security Moderate
CVE-2014-8152 was published for org.apache.santuario:xmlsec (Maven) May 13, 2022
MarkLee131
Improper Input Validation in Apache Jackrabbit Moderate
CVE-2015-1833 was published for org.apache.jackrabbit:jackrabbit-core (Maven) May 14, 2022
MarkLee131
Path traversal in org.springframework.integration:spring-integration-zip Moderate
CVE-2018-1261 was published for org.springframework.integration:spring-integration-zip (Maven) Oct 18, 2018
MarkLee131
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database