Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

285 advisories

Loading
Sentry's Python SDK unintentionally exposes environment variables to subprocesses Low
CVE-2024-40647 was published for sentry-sdk (pip) Jul 18, 2024
kmichel-aiven
Certifi removes GLOBALTRUST root certificate Low
CVE-2024-39689 was published for certifi (pip) Jul 5, 2024
Kwpolska
yt-dlp has dependency on potentially malicious third-party code in Douyu extractors Low
GHSA-3v33-3wmw-3785 was published for yt-dlp (pip) Jul 8, 2024
LeSuisse bashonly
Inclusion of Untrusted polyfill.io Code Vulnerability in fides.js Low
CVE-2024-38537 was published for ethyca-fides (pip) Jul 2, 2024
Improper Privilege Management in djangorestframework-simplejwt Low
CVE-2024-22513 was published for djangorestframework-simplejwt (pip) Mar 16, 2024
r3kumar dmdhrumilmistry
Improper Certificate Validation vulnerability in Apache Airflow FTP Provider Low
CVE-2024-29733 was published for apache-airflow-providers-ftp (pip) Apr 21, 2024
ericwb
Vyper's external calls can overflow return data to return input buffer Low
CVE-2024-24560 was published for vyper (pip) Feb 2, 2024
zobront
Vyper's `_abi_decode` vulnerable to Memory Overflow Low
CVE-2024-26149 was published for vyper (pip) Feb 26, 2024
minaminao-osec
Vyper sha3 codegen bug Low
CVE-2024-24559 was published for vyper (pip) Feb 5, 2024
cyberthirst kuroi8
Apache Airflow does not return the "Cache-Control" header for dynamic content Low
CVE-2024-25142 was published for apache-airflow (pip) Jun 14, 2024
zenml-io/zenml does not expire the session after password reset Low
CVE-2024-4680 was published for zenml (pip) Jun 8, 2024
tqdm CLI arguments injection attack Low
CVE-2024-34062 was published for tqdm (pip) May 3, 2024
CopperEagle
Improper authentication in zenml Low
CVE-2024-2213 was published for zenml (pip) Jun 6, 2024
Cross site scripting in zenml Low
CVE-2024-2171 was published for zenml (pip) Jun 6, 2024
Race condition in zenml Low
CVE-2024-2032 was published for zenml (pip) Jun 6, 2024
Arbitrary JavaScript execution due to using outdated libraries Low
GHSA-4m3g-6r7g-jv4f was published for gradio_pdf (pip) Jun 5, 2024
isacaya
Slack integration leaks sensitive information in logs Low
CVE-2024-35196 was published for sentry (pip) Jun 2, 2024
asottile asottile-sentry
Fides Webserver Logs Hosted Database Password Partial Exposure Vulnerability Low
CVE-2024-34715 was published for ethyca-fides (pip) May 29, 2024
tariqajyusuf pattisdr
vantage6 collaboration admins can extend their influence by expanding the collaboration Low
CVE-2024-32969 was published for vantage6 (pip) May 22, 2024
Django vulnerable to Denial of Service via i18n middleware component Low
CVE-2007-5712 was published for Django (pip) May 1, 2022
MarkLee131
Django data leakage via querystring manipulation in admin Low
CVE-2014-0483 was published for Django (pip) May 14, 2022
MarkLee131
OpenStack Glance sensitive information disclosure via logs Low
CVE-2014-1948 was published for glance (pip) May 17, 2022
OpenStack Glance is vulnerable to Exposure of Sensitive Information Low
CVE-2013-1840 was published for glance (pip) May 17, 2022
OpenStack Nova Changing vnic_type breaks compute service restart Low
CVE-2022-37394 was published for nova (pip) Aug 4, 2022
ProTip! Advisories are also available from the GraphQL API