Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

14 advisories

Loading
Cobbler vulnerable to code injection via unsafe YAML loading Moderate
CVE-2011-4953 was published for cobbler (pip) May 17, 2022
code injection vulnerability exists in the huggingface/text-generation-inference repository Moderate
CVE-2024-3924 was published for text-generation (pip) Jun 2, 2024
Arbitrary Code Execution in blazar-dashboard Moderate
CVE-2020-26943 was published for blazar-dashboard (pip) Oct 27, 2020
Remote Code Execution in create_conda_env function in lollms Moderate
CVE-2024-3121 was published for lollms (pip) Jun 24, 2024
Composio Code Injection Vulnerability Moderate
CVE-2024-8864 was published for composio-core (pip) Sep 16, 2024
Plone Sandbox Bypass Moderate
CVE-2012-5493 was published for Plone (pip) May 17, 2022
qlib Deserialization of Untrusted Data vulnerability Moderate
CVE-2021-23338 was published for pyqlib (pip) May 24, 2022
Code Injection in SLO Generator Moderate
CVE-2021-22557 was published for slo-generator (pip) Oct 5, 2021
Flair allows arbitrary code execution Moderate
CVE-2024-10073 was published for flair (pip) Oct 17, 2024
m3t3kh4n
Privilege escalation for users that can access mock configuration Moderate
CVE-2023-6395 was published for templated_dictionary (pip) Jan 16, 2024
Langflow vulnerable to remote code execution Moderate
CVE-2024-48061 was published for langflow (pip) Nov 5, 2024
Code injection in `saved_model_cli` Moderate
CVE-2021-41228 was published for tensorflow (pip) Nov 10, 2021
Code Injection, Race Condition, and Execution with Unnecessary Privileges in Ansible Moderate
CVE-2020-10684 was published for ansible (pip) Apr 7, 2021
vault-cli contains possible RCE when reading user-defined data Moderate
CVE-2021-43837 was published for vault-cli (pip) Dec 16, 2021
ewjoachim
ProTip! Advisories are also available from the GraphQL API