Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

20 advisories

Loading
Zope allows attackers to modify raw image and file data Moderate
CVE-2000-1212 was published for zope (pip) Apr 30, 2022
MoinMoin vulnerable to privilege escalation Moderate
CVE-2008-1937 was published for moin (pip) May 1, 2022
OpenStack Compute (Nova) Improper Access Control Moderate
CVE-2015-2687 was published for nova (pip) May 17, 2022
MoinMoin Access Restrictions Bypassed due to improper ACL enforcement Moderate
CVE-2008-6603 was published for moin (pip) May 17, 2022
OpenStack Identity Keystone Improper Access Control Moderate
CVE-2016-4911 was published for keystone (pip) May 17, 2022
OpenStack Image Service (Glance) vulnerable to Improper Access Control Moderate
CVE-2016-0757 was published for glance (pip) May 17, 2022
Plone Privilege escalation through exposed underlying API Moderate
CVE-2013-7061 was published for Plone (pip) May 17, 2022
MoinMoin Improper Access Control Moderate
CVE-2012-4404 was published for moin (pip) May 17, 2022
Openstack Octavia Access Control Vulnerability Moderate
CVE-2019-3895 was published for octavia (pip) May 24, 2022
GNU Mailman Postorius Access Control Issues Moderate
CVE-2021-40347 was published for postorius (pip) May 24, 2022
Sentry vulnerable to invite code reuse via cookie manipulation Moderate
CVE-2022-23485 was published for sentry (pip) Dec 12, 2022
tdunlap607
Apache Superset has Improper Access Control Moderate
CVE-2022-45438 was published for apache-superset (pip) Jan 16, 2023
cross-site inclusion (XSSI) of files in jupyter-server Moderate
CVE-2023-40170 was published for jupyter-server (pip) Aug 29, 2023
Improper Access Control in vantage6 Moderate
CVE-2023-41882 was published for vantage6 (pip) Oct 13, 2023
Apache Airflow Improper Access Control vulnerability Moderate
CVE-2023-50783 was published for apache-airflow (pip) Dec 21, 2023
vantage6 has insecure SSH configuration for node and server containers Moderate
CVE-2024-21653 was published for vantage6 (pip) Jan 30, 2024
MLflow allows low privilege users to delete any artifact Moderate
CVE-2024-4263 was published for mlflow (pip) May 16, 2024
litellm vulnerable to improper access control in team management Moderate
CVE-2024-5710 was published for litellm (pip) Jun 27, 2024
krrishdholakia byt3bl33d3r
Access control vulnerable to user data deletion by anonynmous users Moderate
CVE-2024-51734 was published for AccessControl (pip) Nov 4, 2024
n1k9 d-maurer
perrinjerome dataflake
Improper Access Control in janeczku/calibre-web Moderate
CVE-2021-3987 was published for calibreweb (pip) Nov 15, 2024
ProTip! Advisories are also available from the GraphQL API