Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

16 advisories

Loading
Tryton Improper Access Control High
CVE-2019-10868 was published for trytond (pip) Apr 10, 2019
Privilege Escalation in Channelmgnt plug-in for Sopel Moderate
CVE-2020-15251 was published for sopel-plugins-channelmgnt (pip) Oct 13, 2020
RhinosF1
Key Caching behavior in the DynamoDB Encryption Client. Low
GHSA-4ph2-8337-hm62 was published for dynamodb-encryption-sdk (pip) Feb 8, 2021
Code Injection, Race Condition, and Execution with Unnecessary Privileges in Ansible Moderate
CVE-2020-10684 was published for ansible (pip) Apr 7, 2021
Missing Authorization in Apache Airflow Moderate
CVE-2021-35936 was published for apache-airflow (pip) Aug 30, 2021
sunSUNQ
Permissions not properly checked in Invenio-Drafts-Resources Moderate
CVE-2021-43781 was published for invenio-app-rdm (pip) Dec 6, 2021
lnielsen
saleor Missing Authorization vulnerability Moderate
CVE-2022-0932 was published for saleor (pip) Mar 12, 2022
MoinMoin improper access control on the included page for the rst parser Moderate
CVE-2008-6548 was published for moin (pip) May 17, 2022
pgadmin4 vulnerable to Code Injection High
CVE-2022-4223 was published for pgadmin4 (pip) Dec 13, 2022
Synapse does not apply enough checks to servers requesting auth events of events in a room High
CVE-2022-39335 was published for matrix-synapse (pip) May 24, 2023
Ray Missing Authorization vulnerability Critical
CVE-2023-6020 was published for ray (pip) Nov 16, 2023
Code execution in pandasai Critical
CVE-2024-23752 was published for pandasai (pip) Jan 22, 2024
Apache Airflow: Bypass permission verification to read code of other dags High
CVE-2023-50944 was published for apache-airflow (pip) Jan 24, 2024
Arbitrary file deletion in litellm High
CVE-2024-4888 was published for litellm (pip) Jun 6, 2024
LTI 1.3 Grade Pass Back Implementation has Missing Authorization Vulnerability Low
CVE-2023-23611 was published for lti-consumer-xblock (pip) Aug 30, 2024
Improper Access Control in janeczku/calibre-web Moderate
CVE-2021-3987 was published for calibreweb (pip) Nov 15, 2024
ProTip! Advisories are also available from the GraphQL API