Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

5 advisories

Loading
GitPython blind local file inclusion Moderate
CVE-2023-41040 was published for GitPython (pip) Aug 30, 2023
stsewd m3t3kh4n
EliahKagan
glance-store logs s3 access keys Moderate
CVE-2024-1141 was published for glance-store (pip) Feb 1, 2024
m3t3kh4n
Null pointer dereference in PKCS12 parsing Moderate
CVE-2024-0727 was published for cryptography (pip) Jan 26, 2024
m3t3kh4n
Allegro AI ClearML Stores Credentials in Plaintext in MongoDB Instance Moderate
CVE-2024-24595 was published for clearml (pip) Feb 6, 2024
m3t3kh4n
Authenticated Local Privilege Escalation vulnerability in Intel Optimization for Tensorflow Moderate
CVE-2023-27506 was published for intel-tensorflow (pip) Aug 11, 2023
m3t3kh4n
ProTip! Advisories are also available from the GraphQL API