GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,132
Erlang
29
GitHub Actions
19
Go
1,937
Maven
5,000+
npm
3,676
NuGet
642
pip
3,292
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
16 advisories
Filter by severity
langchain_experimental Code Execution via Python REPL access
High
CVE-2024-38459
was published
for
langchain-experimental
(pip)
Jun 16, 2024
Apache Airflow: Incorrect Default Permissions in audit logs for Ops and Viewers users
Moderate
CVE-2024-26280
was published
for
apache-airflow
(pip)
Mar 1, 2024
Apache Superset has Incorrect Default Permissions
Moderate
CVE-2023-42501
was published
for
apache-superset
(pip)
Nov 27, 2023
tripleo-ansible may disclose important configuration details from an OpenStack deployment
Moderate
CVE-2022-3146
was published
for
tripleo-ansible
(pip)
Mar 23, 2023
tripleo-ansible may disclose important configuration details from an OpenStack deployment
Moderate
CVE-2022-3101
was published
for
tripleo-ansible
(pip)
Mar 23, 2023
ansible-runner 2.0.0 default temporary files written to world R/W locations
Moderate
CVE-2021-3701
was published
for
ansible-runner
(pip)
Aug 24, 2022
rtslib-fb weak permissions for /etc/target/saveconfig.json file
High
CVE-2020-14019
was published
for
rtslib-fb
(pip)
May 24, 2022
OpenStack Manila Unprivileged users can retrieve, use and manipulate share networks
High
CVE-2020-9543
was published
for
manila
(pip)
May 24, 2022
Incorrect Default Permissions in Supervisor
High
CVE-2017-11610
was published
for
supervisor
(pip)
May 13, 2022
Incorrect Default Permissions in Cobbler
High
CVE-2021-45083
was published
for
cobbler
(pip)
Feb 21, 2022
Django Incorrect Default Permissions
High
CVE-2020-24583
was published
for
Django
(pip)
Mar 18, 2021
Django Incorrect Default Permissions
High
CVE-2020-24584
was published
for
django
(pip)
Mar 18, 2021
Incorrect Default Permissions in keyring
High
CVE-2012-5577
was published
for
keyring
(pip)
Mar 11, 2020
Incorrect Default Permissions in keyring
High
CVE-2012-5578
was published
for
keyring
(pip)
Mar 10, 2020
Django allows unintended model editing
Moderate
CVE-2019-19118
was published
for
Django
(pip)
Dec 4, 2019
JSNAPy allows unprivileged local users to alter files under the directory
High
CVE-2018-0023
was published
for
jsnapy
(pip)
Jul 12, 2018
ProTip!
Advisories are also available from the
GraphQL API