GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
29
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,678
NuGet
645
pip
3,297
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
7,166 advisories
Filter by severity
SaltStack Salt Improper SSL Certificate Validation
High
CVE-2020-35662
was published
for
salt
(pip)
May 24, 2022
SciPy creates insecure temporary directories
High
CVE-2013-4251
was published
for
scipy
(pip)
May 5, 2022
Setuptools vulnerable to Man-in-the-middle attacks
High
CVE-2013-1633
was published
for
setuptools
(pip)
May 17, 2022
SaltStack Salt command injection via a crafted process name
High
CVE-2020-28243
was published
for
salt
(pip)
May 24, 2022
Exposure of Resource to Wrong Sphere in salt
High
CVE-2021-21996
was published
for
salt
(pip)
Nov 21, 2021
SaltStack Salt Denial of Service via a crafted authentication request
High
CVE-2017-14696
was published
for
salt
(pip)
May 17, 2022
SaltStack Salt Authentication Bypass by Capture-replay
High
CVE-2022-22936
was published
for
salt
(pip)
Mar 30, 2022
Memory leaks in code encrypting and verifying RSA payloads
High
CVE-2024-1394
was published
for
github.com/golang-fips/go
(Go)
Mar 20, 2024
Python-RSA decryption of ciphertext leads to DoS
High
CVE-2020-13757
was published
for
rsa
(pip)
Mar 24, 2021
SQL injection in funadmin
High
CVE-2024-48231
was published
for
funadmin/funadmin
(Composer)
Oct 21, 2024
Salt vulnerable to Improper Certificate Validation
High
CVE-2015-4017
was published
for
salt
(pip)
May 14, 2022
Insufficiently Protected Credentials in Requests
High
CVE-2018-18074
was published
for
requests
(pip)
Oct 29, 2018
rtslib-fb weak permissions for /etc/target/saveconfig.json file
High
CVE-2020-14019
was published
for
rtslib-fb
(pip)
May 24, 2022
SaltStack Salt Insecure Temporary File Creation
High
CVE-2014-3563
was published
for
salt
(pip)
May 17, 2022
SaltStack Salt Authentication Bypass when using the local_batch client from salt-api
High
CVE-2017-5192
was published
for
salt
(pip)
May 17, 2022
Pysaml2 does not sanitize XML responses
High
CVE-2016-10149
was published
for
pysaml2
(pip)
Jul 16, 2018
SaltStack Salt arbitrary command execution in Salt-api via ssh_client
High
CVE-2017-5200
was published
for
salt
(pip)
May 13, 2022
Pyopenssl Incorrect Memory Management
High
CVE-2018-1000808
was published
for
pyopenssl
(pip)
Oct 10, 2018
Missing Initialization of Resource in Apache Arrow
High
CVE-2019-12408
was published
for
pyarrow
(RubyGems)
May 24, 2022
py vulnerable to Regular Expression Denial of Service
High
CVE-2020-29651
was published
for
py
(pip)
Apr 20, 2021
ProTip!
Advisories are also available from the
GraphQL API