GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

37 advisories

Regular expression denial-of-service in Django Moderate
CVE-2024-27351 was published for django (pip) Mar 15, 2024
Credited to MarkLee131
MLflow authentication requirement bypass can allow a user to arbitrarily create an account Critical
CVE-2023-6014 was published for mlflow (pip) Nov 16, 2023
Credited to MarkLee131 and yoshizawa-masatoshi
Django contains Uncontrolled Resource Consumption via cached header High
CVE-2023-23969 was published for django (pip) Feb 1, 2023
Credited to MarkLee131
XML Entity Expansion (XEE) in Django Moderate
CVE-2013-1664 was published for Django (pip) May 17, 2022
Credited to MarkLee131
XML External Entity (XXE) in Django Moderate
CVE-2013-1665 was published for Django (pip) May 17, 2022
Credited to MarkLee131
Django Access Restrictions Bypass High
CVE-2016-2048 was published for django (pip) May 17, 2022
Credited to MarkLee131
Django allows user sessions hijacking via an empty string in the session key Moderate
CVE-2015-3982 was published for Django (pip) May 17, 2022
Credited to MarkLee131
Django database denial-of-service with ModelMultipleChoiceField High
CVE-2015-0222 was published for Django (pip) May 17, 2022
Credited to MarkLee131
Denial-of-service possibility in logout() view by filling session store Moderate
CVE-2015-5964 was published for Django (pip) May 17, 2022
Credited to MarkLee131
Django Reuses Cached CSRF Token High
CVE-2014-0473 was published for Django (pip) May 17, 2022
Credited to MarkLee131
Code Injection in Django Critical
CVE-2014-0472 was published for Django (pip) May 17, 2022
Credited to MarkLee131
Django XSS Vulnerability Moderate
CVE-2016-2512 was published for Django (pip) May 17, 2022
Credited to MarkLee131
Django User Enumeration Vulnerability Low
CVE-2016-2513 was published for django (pip) May 17, 2022
Credited to MarkLee131
Django denial of service via empty session record creation Moderate
CVE-2015-5963 was published for Django (pip) May 17, 2022
Credited to MarkLee131
Django user with hardcoded password created when running tests on Oracle Critical
CVE-2016-9013 was published for Django (pip) May 17, 2022
Credited to MarkLee131
Django DNS Rebinding Vulnerability Critical
CVE-2016-9014 was published for Django (pip) May 17, 2022
Credited to MarkLee131
Django CSRF Protection Bypass High
CVE-2016-7401 was published for django (pip) May 14, 2022
Credited to MarkLee131
Django data leakage via querystring manipulation in admin Moderate
CVE-2014-0483 was published for Django (pip) May 14, 2022
Credited to MarkLee131
Django Denial-of-service possibility with strip_tags High
CVE-2015-2316 was published for Django (pip) May 14, 2022
Credited to MarkLee131
Django cross-site scripting (XSS) attack via user-supplied redirect URLs Moderate
CVE-2015-2317 was published for Django (pip) May 14, 2022
Credited to MarkLee131
Django cross-site request forgery (CSRF) vulnerability High
CVE-2008-3909 was published for django (pip) May 2, 2022
Credited to MarkLee131
Django Cross-site scripting (XSS) vulnerability Moderate
CVE-2008-2302 was published for django (pip) May 1, 2022
Credited to MarkLee131
Django vulnerable to Denial of Service via i18n middleware component High
CVE-2007-5712 was published for Django (pip) May 1, 2022
Credited to MarkLee131
Django Improper Access Control Moderate
CVE-2007-0405 was published for Django (pip) May 1, 2022
Credited to MarkLee131
Django Arbitrary Code Execution High
CVE-2007-0404 was published for Django (pip) May 1, 2022
Credited to MarkLee131