Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

1,479 advisories

Loading
django-ucamlookup Cross-site Scripting vulnerability Moderate
CVE-2016-15010 was published for django-ucamlookup (pip) Jan 5, 2023
django-photologue vulnerable to Cross-site Scripting Moderate
CVE-2022-4526 was published for django-photologue (pip) Dec 15, 2022
Cross-site scripting in django Moderate
CVE-2011-0697 was published for Django (pip) Jul 23, 2018
sunSUNQ
Cross-site Scripting in django-cms Moderate
CVE-2021-44649 was published for django-cms (pip) Jan 13, 2022
Cross-site Scripting in django-js-reverse Moderate
CVE-2019-15486 was published for django-js-reverse (pip) Aug 27, 2019
tdunlap607
Cross-site scripting in Unicorn framework Moderate
CVE-2021-42053 was published for django-unicorn (pip) Oct 12, 2021
Django Cross-site scripting (XSS) vulnerability Moderate
CVE-2008-2302 was published for django (pip) May 1, 2022
MarkLee131
Cross-site Scripting in django-unicorn Moderate
CVE-2021-42134 was published for django-unicorn (pip) Oct 12, 2021
Session key exposure through session list in Django User Sessions Moderate
CVE-2020-5224 was published for django-user-sessions (pip) Jan 24, 2020
Django Allows Redirect via Data URL Moderate
CVE-2012-3442 was published for django (pip) May 17, 2022
Ansible vulnerable to Insertion of Sensitive Information into Log File Moderate
CVE-2024-8775 was published for ansible-core (pip) Sep 16, 2024
Improper query string handling in Django Moderate
CVE-2010-4534 was published for Django (pip) Jul 23, 2018
MarkLee131
Cross-site scripting in django Moderate
CVE-2010-3082 was published for Django (pip) Jul 23, 2018
tdunlap607
django-epiceditor vulnerable to XSS in form field Moderate
CVE-2017-6591 was published for django-epiceditor (pip) Jul 13, 2018
Session manipulation in Django Moderate
CVE-2011-4136 was published for Django (pip) Jul 23, 2018
MarkLee131
Improper date handling in Django Moderate
CVE-2010-4535 was published for Django (pip) Jul 23, 2018
MarkLee131
Django open redirect Moderate
CVE-2018-14574 was published for Django (pip) Oct 4, 2018
MarkLee131
Django denial of service via empty session record creation Moderate
CVE-2015-5963 was published for Django (pip) May 17, 2022
MarkLee131
Django Denial-of-service possibility in truncatechars_html and truncatewords_html template filters Moderate
CVE-2018-7537 was published for django (pip) Jan 4, 2019
sunSUNQ
Django allows user sessions hijacking via an empty string in the session key Moderate
CVE-2015-3982 was published for Django (pip) May 17, 2022
MarkLee131
Django Cross-site scripting Vulnerability Moderate
CVE-2016-6186 was published for django (pip) May 14, 2022
Composio Path Traversal vulnerability Moderate
CVE-2024-8865 was published for composio-core (pip) Sep 16, 2024
Composio Code Injection Vulnerability Moderate
CVE-2024-8864 was published for composio-core (pip) Sep 16, 2024
vLLM Denial of Service via the best_of parameter Moderate
CVE-2024-8939 was published for vllm (pip) Sep 17, 2024
Sentry improperly authorizes deletion of user issue alert notifications Moderate
CVE-2024-45605 was published for sentry (pip) Sep 17, 2024
javeedsk8341
ProTip! Advisories are also available from the GraphQL API