GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,005
Maven
5,000+
npm
3,716
NuGet
661
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
27 advisories
Filter by severity
Access control vulnerable to user data deletion by anonynmous users
Moderate
CVE-2024-51734
was published
for
AccessControl
(pip)
Nov 4, 2024
Improper Privilege Management in djangorestframework-simplejwt
Low
CVE-2024-22513
was published
for
djangorestframework-simplejwt
(pip)
Mar 16, 2024
Improper Privilege Management in sap-xssec
Critical
CVE-2023-50423
was published
for
sap-xssec
(pip)
Dec 13, 2023
Duplicate Advisory: Privilege escalation in sap-xssec
Critical
GHSA-p99h-pfg6-qrfg
was published
for
sap-xssec
(pip)
Dec 12, 2023
•
withdrawn
Apache Spark vulnerable to Improper Privilege Management
Critical
CVE-2023-22946
was published
for
org.apache.spark:spark-core_2.12
(Maven)
Apr 17, 2023
Sentry vulnerable to invite code reuse via cookie manipulation
Moderate
CVE-2022-23485
was published
for
sentry
(pip)
Dec 12, 2022
Improper Privilege Management in rdiffweb
Critical
CVE-2022-4314
was published
for
rdiffweb
(pip)
Dec 12, 2022
Execution with Unnecessary Privileges in JupyterApp
High
CVE-2022-39286
was published
for
jupyter-core
(pip)
Oct 26, 2022
OctoPrint Improper Privilege Management vulnerability
High
CVE-2022-3068
was published
for
OctoPrint
(pip)
Sep 22, 2022
ClusterLabs crmsh vulnerable to shell code injection
High
CVE-2020-35459
was published
for
crmsh
(pip)
May 24, 2022
OpenStack Keystone EC2 and/or credential endpoints are not protected from a scoped context
High
CVE-2020-12689
was published
for
keystone
(pip)
May 24, 2022
Plone Unauthenticated Write Vulnerability
Critical
CVE-2020-7941
was published
for
Plone
(pip)
May 24, 2022
Celery local privilege escalation vulnerability
Moderate
CVE-2011-4356
was published
for
celery
(pip)
May 17, 2022
Tryton Information Disclosure Vulnerability
Moderate
CVE-2017-0360
was published
for
trytond
(pip)
May 13, 2022
OpenStack Identity Keystone Improper Privilege Management
Moderate
CVE-2014-0204
was published
for
keystone
(pip)
May 13, 2022
OpenStack Identity Keystone is vulnerable to Block delegation escalation of privilege
Moderate
CVE-2014-3476
was published
for
keystone
(pip)
May 13, 2022
SciPy creates insecure temporary directories
High
CVE-2013-4251
was published
for
scipy
(pip)
May 5, 2022
Improper privilege management in pyftpdlib
Moderate
CVE-2007-6741
was published
for
pyftpdlib
(pip)
May 1, 2022
Improper Privilege Management in apache-airflow
Moderate
CVE-2021-45230
was published
for
apache-airflow
(pip)
Jan 28, 2022
loguru vulnerable to improper privilege management
Moderate
CVE-2022-0338
was published
for
loguru
(pip)
Jan 26, 2022
Execution with Unnecessary Privileges in ipython
High
CVE-2022-21699
was published
for
ipython
(pip)
Jan 21, 2022
APM Java Agent Local Privilege Escalation
High
CVE-2021-37941
was published
for
elastic-apm
(pip)
Dec 9, 2021
Deserialization of Untrusted Data in Flask-Caching
Moderate
CVE-2021-33026
was published
for
Flask-Caching
(pip)
Jun 18, 2021
Improper Authentication in Apache Airflow
Moderate
CVE-2021-26697
was published
for
apache-airflow
(pip)
Jun 18, 2021
ProTip!
Advisories are also available from the
GraphQL API