Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,902
Maven
5,000+
npm
3,631
NuGet
638
pip
3,246
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

20,093 advisories

Loading
OpenStack Nova Arbitrary file injection/corruption through directory traversal issues Moderate
CVE-2012-3361 was published for nova (pip) May 17, 2022
phpMyAdmin Multiple XSS Vulnerabilities Low
CVE-2012-4579 was published for phpmyadmin/phpmyadmin (Composer) May 17, 2022
OpenStack Nova Scheduler denial of service through scheduler_hints Low
CVE-2012-3371 was published for Nova (pip) May 17, 2022
Elixir can leak information due to weak use of crypto Moderate
CVE-2012-2146 was published for Elixir (pip) May 17, 2022
Tornado CRLF injection vulnerability Moderate
CVE-2012-2374 was published for tornado (pip) May 17, 2022
Typo3 Backend XSS Vulnerabilities Low
CVE-2012-1606 was published for typo3/cms (Composer) May 17, 2022
Typo3 API XSS Vulnerabilities Moderate
CVE-2012-1608 was published for typo3/cms (Composer) May 17, 2022
Typo3 Extbase Framework Unsafe Deserialization Moderate
CVE-2012-1605 was published for typo3/cms (Composer) May 17, 2022
OpenStack Keystone token expiration issues Moderate
CVE-2012-3426 was published for Keystone (pip) May 17, 2022
OpenStack Keystone Allows Remote User Account Creation High
CVE-2012-3542 was published for keystone (pip) May 17, 2022
Beaker Sensitive Information Disclosure vulnerability Moderate
CVE-2012-3458 was published for beaker (pip) May 17, 2022
Silverstripe XSS Vulnerabilities Moderate
CVE-2012-4968 was published for silverstripe/framework (Composer) May 17, 2022
Silverstripe CMS Arbitrary Code Execution Moderate
CVE-2011-4962 was published for silverstripe/cms (Composer) May 17, 2022
Unescaped parameters in the PostgreSQL JDBC driver High
CVE-2012-1618 was published for org.postgresql:postgresql (Maven) May 17, 2022
Apache Libcloud vulnerable to certificate impersonation Moderate
CVE-2012-3446 was published for apache-libcloud (pip) May 17, 2022
Improper Access Control in JBoss mod_cluster Moderate
CVE-2012-1154 was published for org.jboss.mod_cluster:mod_cluster (Maven) May 17, 2022
Python Keyring does not securely initialize encryption cipher Low
CVE-2012-4571 was published for keyring (pip) May 17, 2022
Improper Control of Generation of Code in Spring Security Moderate
CVE-2011-2732 was published for org.springframework.security:spring-security-core (Maven) May 17, 2022
Symfony Access Control Vulnerability Moderate
CVE-2012-6432 was published for symfony/symfony (Composer) May 17, 2022
Exposure of Sensitive Information to an Unauthorized Actor in Spring Security Moderate
CVE-2012-5055 was published for org.springframework.security:spring-security-core (Maven) May 17, 2022
MoinMoin Directory Traversal vulnerability Moderate
CVE-2012-6080 was published for moin (pip) May 17, 2022
MoinMoin Multiple vulnerable to directory traversal Moderate
CVE-2012-6495 was published for Moin (pip) May 17, 2022
Symfony Allows URI Restrictions Bypass Via Double-Encoded String Moderate
CVE-2012-6431 was published for symfony/http-foundation (Composer) May 17, 2022
MoinMoin Cross-site scripting (XSS) vulnerability Moderate
CVE-2012-6082 was published for moin (pip) May 17, 2022
User confusion in IronJacamar Moderate
CVE-2012-3428 was published for org.jboss.ironjacamar:ironjacamar-jdbc (Maven) May 17, 2022
q5438722
ProTip! Advisories are also available from the GraphQL API