GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
57 advisories
ScanCode.io command injection in docker image fetch process
Moderate
CVE-2023-39523
was published
for
scancodeio
(pip)
Aug 9, 2023
jcvi vulnerable to Configuration Injection due to unsanitized user input
High
CVE-2023-35932
was published
for
jcvi
(pip)
Jun 23, 2023
PyTorch vulnerable to arbitrary code execution
Critical
CVE-2022-45907
was published
for
torch
(pip)
Nov 26, 2022
Command injection in libvcs and vcspull
Critical
CVE-2022-21187
was published
for
libvcs
(pip)
Mar 15, 2022
Improper Neutralization of Special Elements used in a Command ('Command Injection') in Weblate
High
CVE-2022-23915
was published
for
Weblate
(pip)
Mar 4, 2022
Pipenv's requirements.txt parsing allows malicious index url in comments
High
CVE-2022-21668
was published
for
pipenv
(pip)
Jan 12, 2022
ProTip!
Advisories are also available from the
GraphQL API