GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,077
Erlang: 29
GitHub Actions: 19
Go: 1,903
Maven: 5,000+
npm: 3,632
NuGet: 638
pip: 3,249
Pub: 10
RubyGems: 864
Rust: 818
Swift: 35
Unreviewed advisories
All unreviewed: 5,000+
1,479 advisories
django-ucamlookup Cross-site Scripting vulnerability (Moderate): CVE-2016-15010 was published for django-ucamlookup (pip), Jan 5, 2023
django-photologue vulnerable to Cross-site Scripting (Moderate): CVE-2022-4526 was published for django-photologue (pip), Dec 15, 2022
Cross-site Scripting in django-cms (Moderate): CVE-2021-44649 was published for django-cms (pip), Jan 13, 2022
Cross-site Scripting in django-js-reverse (Moderate): CVE-2019-15486 was published for django-js-reverse (pip), Aug 27, 2019
Cross-site scripting in Unicorn framework (Moderate): CVE-2021-42053 was published for django-unicorn (pip), Oct 12, 2021
Django Cross-site scripting (XSS) vulnerability (Moderate): CVE-2008-2302 was published for django (pip), May 1, 2022
Cross-site Scripting in django-unicorn (Moderate): CVE-2021-42134 was published for django-unicorn (pip), Oct 12, 2021
Session key exposure through session list in Django User Sessions (Moderate): CVE-2020-5224 was published for django-user-sessions (pip), Jan 24, 2020
Django Allows Redirect via Data URL (Moderate): CVE-2012-3442 was published for django (pip), May 17, 2022
Ansible vulnerable to Insertion of Sensitive Information into Log File (Moderate): CVE-2024-8775 was published for ansible-core (pip), Sep 16, 2024
Improper query string handling in Django (Moderate): CVE-2010-4534 was published for Django (pip), Jul 23, 2018
django-epiceditor vulnerable to XSS in form field (Moderate): CVE-2017-6591 was published for django-epiceditor (pip), Jul 13, 2018
Django denial of service via empty session record creation (Moderate): CVE-2015-5963 was published for Django (pip), May 17, 2022
Django Denial-of-service possibility in truncatechars_html and truncatewords_html template filters (Moderate): CVE-2018-7537 was published for django (pip), Jan 4, 2019
Django allows user sessions hijacking via an empty string in the session key (Moderate): CVE-2015-3982 was published for Django (pip), May 17, 2022
Django Cross-site scripting Vulnerability (Moderate): CVE-2016-6186 was published for django (pip), May 14, 2022
Composio Path Traversal vulnerability (Moderate): CVE-2024-8865 was published for composio-core (pip), Sep 16, 2024
Composio Code Injection Vulnerability (Moderate): CVE-2024-8864 was published for composio-core (pip), Sep 16, 2024
vLLM Denial of Service via the best_of parameter (Moderate): CVE-2024-8939 was published for vllm (pip), Sep 17, 2024
Sentry improperly authorizes deletion of user issue alert notifications (Moderate): CVE-2024-45605 was published for sentry (pip), Sep 17, 2024
ProTip! Advisories are also available from the GraphQL API