Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
38
Go
2,757
Maven
5,000+
npm
4,363
NuGet
766
pip
4,128
Pub
12
RubyGems
961
Rust
1,070
Swift
45
Unreviewed advisories
All unreviewed
5,000+

306,167 advisories

Loading
Plone and Zope2 affected by Race Condition High
CVE-2012-5507 was published for Plone (pip) Jul 23, 2018
Cross-site request forgery in Django High
CVE-2011-0696 was published for Django (pip) Jul 23, 2018
MarkLee131
Credited to MarkLee131
Plone and Zope2 do not reseed pseudo-random number generator High
CVE-2012-6661 was published for Plone (pip) Jul 23, 2018
Django Cross-Site Request Forgery vulnerability High
CVE-2011-4140 was published for Django (pip) Jul 23, 2018
Moderate severity vulnerability that affects Zope2 Moderate
CVE-2010-1104 was published for Zope2 (pip) Jul 23, 2018
Denial of service in django High
CVE-2011-4137 was published for Django (pip) Jul 23, 2018
MarkLee131
Credited to MarkLee131
Improper query string handling in Django High
CVE-2010-4534 was published for Django (pip) Jul 23, 2018
MarkLee131
Credited to MarkLee131
feedparser Cross-site Scripting vulnerability Moderate
CVE-2011-1158 was published for feedparser (pip) Jul 23, 2018
HTTP header injection in Plone and Zope2 High
CVE-2012-5486 was published for Plone (pip) Jul 23, 2018
Improper date handling in Django Moderate
CVE-2010-4535 was published for Django (pip) Jul 23, 2018
MarkLee131
Credited to MarkLee131
High severity vulnerability that affects Plone and Zope2 High
CVE-2011-2528 was published for Plone (pip) Jul 23, 2018
Plone and Zope2 vulnerable to unauthorized access to restricted attributes High
CVE-2012-5489 was published for Plone (pip) Jul 23, 2018
feedparser Cross-site Scripting vulnerability Moderate
CVE-2011-1157 was published for feedparser (pip) Jul 23, 2018
Directory traversal in Django Critical
CVE-2011-0698 was published for Django (pip) Jul 23, 2018
MarkLee131
Credited to MarkLee131
Plone allows remote attackers to read hidden folder contents High
CVE-2012-5503 was published for Plone (pip) Jul 23, 2018
Session manipulation in Django Moderate
CVE-2011-4136 was published for Django (pip) Jul 23, 2018
MarkLee131
Credited to MarkLee131
Cross-site scripting in django Moderate
CVE-2010-3082 was published for Django (pip) Jul 23, 2018
tdunlap607
Credited to tdunlap607
Plone and plone.app.users allow remote authenticated users to modify the properties of arbitrary accounts High
CVE-2011-1950 was published for Plone (pip) Jul 23, 2018
Directory Traversal in nodeaaaaa High
CVE-2017-16223 was published for nodeaaaaa (npm) Jul 23, 2018
Directory Traversal in dgard8.lab6 High
CVE-2017-16218 was published for dgard8.lab6 (npm) Jul 23, 2018
Directory Traversal in fbr-client High
CVE-2017-16217 was published for fbr-client (npm) Jul 23, 2018
Directory Traversal in ltt High
CVE-2017-16212 was published for ltt (npm) Jul 23, 2018
Directory Traversal in jn_jj_server High
CVE-2017-16210 was published for jn_jj_server (npm) Jul 23, 2018
Directory Traversal in quickserver High
CVE-2017-16196 was published for quickserver (npm) Jul 23, 2018
Directory Traversal in picard High
CVE-2017-16194 was published for picard (npm) Jul 23, 2018
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database