Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

11 advisories

Loading
Flair allows arbitrary code execution Moderate
CVE-2024-10073 was published for flair (pip) Oct 17, 2024
m3t3kh4n
MySQL Connector/Python connector takeover vulnerability High
CVE-2024-21272 was published for mysql-connector-python (pip) Oct 15, 2024
m3t3kh4n
Inefficient Regular Expression Complexity in langflow Moderate
CVE-2024-9277 was published for langflow (pip) Sep 27, 2024
m3t3kh4n
OAuth2 client ID and secret exposed through the web browser High
CVE-2024-9014 was published for pgadmin4 (pip) Sep 23, 2024
m3t3kh4n
Allegro AI ClearML Stores Credentials in Plaintext in MongoDB Instance Moderate
CVE-2024-24595 was published for clearml (pip) Feb 6, 2024
m3t3kh4n
glance-store logs s3 access keys Moderate
CVE-2024-1141 was published for glance-store (pip) Feb 1, 2024
m3t3kh4n
Deserialization of untrusted data in synthcity Critical
CVE-2024-0937 was published for synthcity (pip) Jan 26, 2024
m3t3kh4n
Null pointer dereference in PKCS12 parsing Moderate
CVE-2024-0727 was published for cryptography (pip) Jan 26, 2024
m3t3kh4n
GitPython blind local file inclusion Moderate
CVE-2023-41040 was published for GitPython (pip) Aug 30, 2023
stsewd m3t3kh4n
EliahKagan
Authenticated Local Privilege Escalation vulnerability in Intel Optimization for Tensorflow Moderate
CVE-2023-27506 was published for intel-tensorflow (pip) Aug 11, 2023
m3t3kh4n
Reportlab vulnerable to remote code execution High
CVE-2023-33733 was published for reportlab (pip) Jun 5, 2023
m3t3kh4n
ProTip! Advisories are also available from the GraphQL API