Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

96 advisories

Loading
Kolide Agent Privilege Escalation (Windows, Versions >= 1.5.3, < 1.12.3) High
CVE-2024-54131 was published for github.com/kolide/launcher (Go) Dec 3, 2024
Moodle IDOR when deleting OAuth2 linked accounts Moderate
CVE-2024-45690 was published for moodle/moodle (Composer) Nov 20, 2024
ansible-runner has default temporary files written to world R/W locations Moderate
CVE-2021-3701 was published for ansible-runner (pip) Aug 24, 2022
MLflow's excessive directory permissions allow local privilege escalation High
CVE-2024-27134 was published for mlflow (pip) Nov 25, 2024
Kubean vulnerable to cluster-level privilege escalation High
CVE-2024-41820 was published for github.com/kubean-io/kubean (Go) Aug 5, 2024
younaman
Kubernetes sets incorrect permissions on Windows containers logs High
CVE-2024-5321 was published for k8s.io/kubernetes (Go) Jul 18, 2024
Incorrect Default Permissions in Apache DolphinScheduler High
CVE-2020-13922 was published for org.apache.dolphinscheduler:dolphinscheduler-api (Maven) Feb 9, 2022
Django Incorrect Default Permissions Moderate
CVE-2020-24584 was published for django (pip) Mar 18, 2021
sunSUNQ
Django allows unintended model editing High
CVE-2019-19118 was published for Django (pip) Dec 4, 2019
sunSUNQ
Restarting a run with revoked script approval allowed by Jenkins Pipeline: Declarative Plugin High
CVE-2024-52551 was published for org.jenkinsci.plugins:pipeline-model-parent (Maven) Nov 13, 2024
Moodle has insufficient access control Low
CVE-2024-43430 was published for moodle/moodle (Composer) Nov 11, 2024
Apache Airflow: Incorrect Default Permissions in audit logs for Ops and Viewers users Moderate
CVE-2024-26280 was published for apache-airflow (pip) Mar 1, 2024
oscerd sunSUNQ
Cilium's CIDR deny policies may not take effect when a more narrow CIDR allow is present Moderate
CVE-2024-47825 was published for github.com/cilium/cilium (Go) Oct 21, 2024
christarazi
Phone information disclosure vulnerability Moderate
CVE-2024-22889 was published for Plone (pip) Mar 6, 2024
Incorrect Default Permissions in Supervisor High
CVE-2017-11610 was published for supervisor (pip) May 13, 2022
netaddr before 1.5.3 and 2.0.4 has Incorrect Default Permissions Critical
CVE-2019-17383 was published for netaddr (RubyGems) Oct 14, 2019
stuarthannig
rtslib-fb weak permissions for /etc/target/saveconfig.json file High
CVE-2020-14019 was published for rtslib-fb (pip) May 24, 2022
Duplicate Advisory: Apiman has insufficient checks for read permissions High
GHSA-54r5-wr8x-x5v3 was published for io.apiman:apiman-manager-api-rest-impl (Maven) Dec 20, 2022 withdrawn
msavy
OpenStack Manila Unprivileged users can retrieve, use and manipulate share networks High
CVE-2020-9543 was published for manila (pip) May 24, 2022
Incorrect Default Permissions in keyring High
CVE-2012-5578 was published for keyring (pip) Mar 10, 2020
Incorrect Default Permissions in keyring High
CVE-2012-5577 was published for keyring (pip) Mar 11, 2020
JSNAPy allows unprivileged local users to alter files under the directory High
CVE-2018-0023 was published for jsnapy (pip) Jul 12, 2018
Django Incorrect Default Permissions High
CVE-2020-24583 was published for Django (pip) Mar 18, 2021
Mautic Sensitive Data Exposure due to inadequate user permission settings High
CVE-2022-25776 was published for mautic/core (Composer) Apr 12, 2024
lenonleite
Incorrect Default Permissions in Cobbler High
CVE-2021-45083 was published for cobbler (pip) Feb 21, 2022
tdunlap607
ProTip! Advisories are also available from the GraphQL API