Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

376 advisories

Loading
SaltStack Salt Server Side Template Injection Critical
CVE-2021-25283 was published for salt (pip) May 24, 2022
SaltStack Salt Improper Authentication vulnerability Critical
CVE-2021-25281 was published for salt (pip) May 24, 2022
SaltStack Salt Directory Traversal vulnerability Critical
CVE-2021-25282 was published for salt (pip) May 24, 2022
Numpy Deserialization of Untrusted Data Critical
CVE-2019-6446 was published for numpy (pip) May 24, 2022
SaltStack Salt Directory traversal vulnerability in minion id validation Critical
CVE-2017-12791 was published for salt (pip) May 17, 2022
SaltStack Salt Directory traversal vulnerability in minion id validation Critical
CVE-2017-14695 was published for salt (pip) May 17, 2022
SaltStack Salt allows compromised salt-minions to impersonate the salt-master Critical
CVE-2017-7893 was published for salt (pip) May 13, 2022
SaltStack Salt Remote command execution and incorrect access control when using salt-api Critical
CVE-2018-15751 was published for salt (pip) May 13, 2022
SaltStack Salt Improper Validation of eauth credentials and tokens in salt-netapi Critical
CVE-2020-25592 was published for salt (pip) May 24, 2022
SaltStack Salt Unauthenticated Remote Code Execution Critical
CVE-2020-11651 was published for salt (pip) May 24, 2022
SaltStack Salt is vulnerable to command injection Critical
CVE-2019-17361 was published for salt (pip) May 24, 2022
SaltStack Salt SQL Injection vulnerability in mysql.user_chpass function Critical
CVE-2019-1010259 was published for salt (pip) May 24, 2022
git-big-picture Code Execution Critical
CVE-2021-3028 was published for git-big-picture (pip) May 24, 2022
AdaptiveScale LXDUI Hardcoded JWT Secret Key Critical
CVE-2021-40494 was published for lxdui (pip) May 24, 2022
py-lmdb Invalid write operation Critical
CVE-2019-16225 was published for lmdb (pip) May 24, 2022
py-lmdb Invalid write operation Critical
CVE-2019-16224 was published for lmdb (pip) May 24, 2022
py-lmdb Invalid write operation Critical
CVE-2019-16227 was published for lmdb (pip) May 24, 2022
scikit-learn Deserialization of Untrusted Data Critical
CVE-2020-13092 was published for scikit-learn (pip) May 24, 2022
pyLoad allows upload to arbitrary folder lead to RCE Critical
CVE-2024-32880 was published for pyload-ng (pip) Apr 24, 2024
zhcy2018
ReportLab vulnerable to remote code execution via paraparser Critical
CVE-2019-19450 was published for reportlab (pip) Sep 20, 2023
Scalyr Agent Missing SSL Certificate Validation Critical
CVE-2020-24714 was published for scalyr-agent-2 (pip) May 24, 2022
Ops CLI Deserialization of Untrusted Data vulnerability Critical
CVE-2021-40720 was published for ops-cli (pip) May 24, 2022
Radicale vulnerable to arbitrary file read or write Critical
CVE-2015-8747 was published for Radicale (pip) May 17, 2022
salt password information leaked in debug logs Critical
CVE-2015-6941 was published for salt (pip) May 17, 2022
OpenStack Swauth object/proxy server writing Auth Token to log file Critical
CVE-2017-16613 was published for swauth (pip) May 17, 2022
ProTip! Advisories are also available from the GraphQL API