GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
280 advisories
TYPO3-EXT-SA-2022-018: Multiple vulnerabilities in extension "Master-Quiz" (fp_masterquiz)
Moderate
CVE-2022-47407
was published
for
fixpunkt/fp-masterquiz
(Composer)
Dec 14, 2022
Cross-site Scripting vulnerability in drag-and-drop upload of phpMyAdmin
Moderate
CVE-2023-25727
was published
for
phpmyadmin/phpmyadmin
(Composer)
Feb 13, 2023
XXE in PHPSpreadsheet due to encoding issue
High
CVE-2018-19277
was published
for
phpoffice/phpexcel
(Composer)
Nov 20, 2019
XXE in PHPSpreadsheet due to incomplete fix for previous encoding issue
High
CVE-2019-12331
was published
for
phpoffice/phpexcel
(Composer)
Nov 20, 2019
Apache Storm Local Information Disclosure Vulnerability in Storm-core on Unix-Like systems due temporary files
Moderate
CVE-2023-43123
was published
for
org.apache.storm:storm-core
(Maven)
Nov 23, 2023
Regular expression denial-of-service in Django
Moderate
CVE-2024-27351
was published
for
django
(pip)
Mar 15, 2024
Spring Framework has Improperly Implemented Security Check for Standard
Critical
CVE-2018-1275
was published
for
org.springframework:spring-messaging
(Maven)
Oct 17, 2018
Django DNS Rebinding Vulnerability
Critical
CVE-2016-9014
was published
for
Django
(pip)
May 17, 2022
Django vulnerable to Denial of Service via i18n middleware component
High
CVE-2007-5712
was published
for
Django
(pip)
May 1, 2022
Improper query string handling in Django
High
CVE-2010-4534
was published
for
Django
(pip)
Jul 23, 2018
Django contains Uncontrolled Resource Consumption via cached header
High
CVE-2023-23969
was published
for
django
(pip)
Feb 1, 2023
Denial-of-service possibility in logout() view by filling session store
Moderate
CVE-2015-5964
was published
for
Django
(pip)
May 17, 2022
Django database denial-of-service with ModelMultipleChoiceField
High
CVE-2015-0222
was published
for
Django
(pip)
May 17, 2022
Django vulnerable to information leakage in AuthenticationForm
High
CVE-2018-6188
was published
for
Django
(pip)
Oct 3, 2018
Django data leakage via querystring manipulation in admin
Moderate
CVE-2014-0483
was published
for
Django
(pip)
May 14, 2022
Django cross-site scripting (XSS) attack via user-supplied redirect URLs
Moderate
CVE-2015-2317
was published
for
Django
(pip)
May 14, 2022
Django Denial-of-service possibility with strip_tags
High
CVE-2015-2316
was published
for
Django
(pip)
May 14, 2022
Django user with hardcoded password created when running tests on Oracle
Critical
CVE-2016-9013
was published
for
Django
(pip)
May 17, 2022
Django vulnerable to XSS on 500 pages
Moderate
CVE-2017-12794
was published
for
Django
(pip)
Jan 4, 2019
Django Denial-of-service by filling session store
High
CVE-2015-5143
was published
for
Django
(pip)
Jul 5, 2019
ProTip!
Advisories are also available from the
GraphQL API