Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+

20,339 advisories

Loading
NYUCCL psiTurk IS vulnerable to Improper Neutralization of Special Elements High
CVE-2021-4315 was published for psiTurk (pip) Jan 29, 2023
Cross-site scripting in Plone Moderate
CVE-2021-33513 was published for Plone (pip) Jun 8, 2021
py7zr directory traversal vulnerability Critical
CVE-2022-44900 was published for py7zr (pip) Dec 6, 2022
Buffer Overflow in pycrypto Critical
CVE-2013-7459 was published for pycrypto (pip) Dec 14, 2018
privacyIDEA Improper Input Validation vulnerability High
CVE-2018-1000809 was published for privacyIDEA (pip) Jan 14, 2019
Pycrypto generates weak key parameters High
CVE-2018-6594 was published for pycrypto (pip) Jul 12, 2018
pwntools Server-Side Template Injection (SSTI) vulnerability Critical
CVE-2020-28468 was published for pwntools (pip) Apr 20, 2021
Plone Multiple open redirect vulnerabilities Low
CVE-2013-4195 was published for plone (pip) May 17, 2022
Plone's authenticated users able to alter their password despite of policy definition Moderate
CVE-2013-4198 was published for Plone (pip) May 17, 2022
Plone is vulnerable to information exposure via the object manager implementation Moderate
CVE-2013-4196 was published for plone (pip) May 17, 2022
Plone Open Redirect Moderate
CVE-2017-1000484 was published for Plone (pip) Jan 4, 2019
Plone Unauthenticated Write Vulnerability Critical
CVE-2020-7941 was published for Plone (pip) May 24, 2022
Plone vulnerable to cross-site scripting Moderate
CVE-2013-4190 was published for plone (pip) May 17, 2022
Plone has stored XSS in folder contents Moderate
CVE-2021-35959 was published for plone (pip) May 24, 2022
Cross-site scripting in Products.CMFCore, Products.PluggableAuthService, Plone Moderate
CVE-2021-33507 was published for Plone (pip) Jun 18, 2021
Incorrect Permission Assignment for Critical Resource in Plone Critical
CVE-2021-33509 was published for Plone (pip) Jun 15, 2021
Server-Side Request Forgery in Plone Moderate
CVE-2021-33510 was published for Plone (pip) Jun 15, 2021
Server-Side Request Forgery in Plone High
CVE-2021-33511 was published for Plone (pip) Jun 15, 2021
Vault Community Edition privilege escalation vulnerability High
CVE-2024-9180 was published for github.com/hashicorp/vault (Go) Oct 10, 2024
Cross-site scripting in Plone Moderate
CVE-2021-33508 was published for Plone (pip) Jun 8, 2021
Plone Privilege Escallation High
CVE-2020-7938 was published for Plone (pip) May 24, 2022
Plone cross site scripting (XSS) Moderate
CVE-2020-7937 was published for Plone (pip) May 24, 2022
Plone Open Redirect Vulnerability Moderate
CVE-2020-7936 was published for Plone (pip) May 24, 2022
Plone Cross-site Scripting Vulnerability Moderate
CVE-2015-7316 was published for Plone (pip) May 17, 2022
Plone unauthorized member addition vulnerability High
CVE-2015-7315 was published for Plone (pip) May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database