GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,945
Erlang
29
GitHub Actions
16
Go
1,729
Maven
4,961
npm
3,493
NuGet
607
pip
3,059
Pub
10
RubyGems
832
Rust
778
Swift
34
Unreviewed advisories
All unreviewed
5,000+
3,059 advisories
Filter by severity
Jupyter server on Windows discloses Windows user password hash
High
CVE-2024-35178
was published
for
jupyter_server
(pip)
Jun 6, 2024
Remote code execution in pytorch lightning
Critical
CVE-2024-5452
was published
for
lightning
(pip)
Jun 6, 2024
Observable Timing Discrepancy in pypqc
High
GHSA-hvh4-5qr6-3v7r
was published
for
pypqc
(pip)
Jun 5, 2024
PyMongo Out-of-bounds Read in the bson module
Moderate
CVE-2024-5629
was published
for
pymongo
(pip)
Jun 5, 2024
Arbitrary JavaScript execution due to using outdated libraries
Low
GHSA-4m3g-6r7g-jv4f
was published
for
gradio_pdf
(pip)
Jun 5, 2024
ydata unsafe deserialization
High
CVE-2024-37062
was published
for
ydata-profiling
(pip)
Jun 4, 2024
ydata unsafe deserialization
High
CVE-2024-37064
was published
for
ydata-profiling
(pip)
Jun 4, 2024
ProTip!
Advisories are also available from the
GraphQL API