GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
30 advisories
Fides Information Disclosure Vulnerability in Config API Endpoint
Moderate
CVE-2023-46125
was published
for
ethyca-fides
(pip)
Oct 24, 2023
Red-DiscordBot vulnerable to Incorrect Authorization in commands API
Moderate
CVE-2024-39905
was published
for
Red-DiscordBot
(pip)
Jul 11, 2024
Permissions not properly checked in Invenio-Drafts-Resources
Moderate
CVE-2021-43781
was published
for
invenio-app-rdm
(pip)
Dec 6, 2021
Authorization Bypass in I hate money
Moderate
CVE-2020-15120
was published
for
ihatemoney
(pip)
Jul 27, 2020
OpenCanary Executes Commands From Potentially Writable Config File
Moderate
CVE-2024-48911
was published
for
OpenCanary
(pip)
Oct 14, 2024
Incorrect Authorization and Exposure of Sensitive Information to an Unauthorized Actor in scrapy
Moderate
CVE-2022-0577
was published
for
scrapy
(pip)
Mar 1, 2022
Privilege Escalation in Channelmgnt plug-in for Sopel
Moderate
CVE-2020-15251
was published
for
sopel-plugins-channelmgnt
(pip)
Oct 13, 2020
Improper Authorization in cobbler
Moderate
CVE-2022-0860
was published
for
cobbler
(pip)
Mar 11, 2022
Invalid root may become trusted root in The Update Framework (TUF)
Moderate
CVE-2020-15163
was published
for
tuf
(pip)
Sep 9, 2020
Apache Superset: Improper authorization validation on dashboards and charts import
Moderate
CVE-2024-26016
was published
for
apache-superset
(pip)
Feb 28, 2024
ProTip!
Advisories are also available from the
GraphQL API