Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

94 advisories

Loading
CSRF tokens leaked in URL by canned query form Moderate
GHSA-q6j3-c4wc-63vw was published for datasette (pip) Aug 11, 2020
Potential API key leak Moderate
GHSA-63rq-p8fp-524q was published for sopel-modules.weather (pip) Apr 13, 2021
Exposure of Sensitive Information to an Unauthorized Actor in OpenStack tripleo-heat-templates Moderate
CVE-2021-4180 was published for tripleo-heat-templates (pip) Mar 24, 2022
Information disclosure vulnerability in OnionShare Moderate
CVE-2021-41867 was published for onionshare-cli (pip) Nov 19, 2021
OpenStack Cinder Exposure of Sensitive Information to an Unauthorized Actor vulnerability Moderate
CVE-2014-3641 was published for cinder (pip) May 17, 2022
OpenStack Object Storage (Swift) Sensitive Data Exposure Moderate
CVE-2015-5223 was published for swift (pip) May 14, 2022
aptdaemon Information Disclosure via Improper Input Validation in Transaction class Moderate
CVE-2020-15703 was published for aptdaemon (pip) May 24, 2022
Mailman Sensitive Information Disclosure Moderate
CVE-2004-0412 was published for mailman (pip) Apr 29, 2022
FTP backend for Duplicity Discloses Passwords to Process Listing Moderate
CVE-2007-5201 was published for duplicity (pip) May 1, 2022
Information disclosure in AccessControl Moderate
CVE-2023-41050 was published for AccessControl (pip) Sep 7, 2023
d-maurer
Datasette 1.0 alpha series leaks names of databases and tables to unauthenticated users Moderate
CVE-2023-40570 was published for datasette (pip) Aug 22, 2023
Apache Superset vulnerable to Exposure of Sensitive Information Moderate
CVE-2023-30776 was published for apache-superset (pip) Jul 6, 2023
yt-dlp File Downloader cookie leak Moderate
CVE-2023-35934 was published for yt-dlp (pip) Jul 6, 2023
Grub4K bashonly
coletdjnz
Fides Information Disclosure Vulnerability in Config API Endpoint Moderate
CVE-2023-46125 was published for ethyca-fides (pip) Oct 24, 2023
h0wl
Apache Airflow vulnerable to sensitive information exposure Moderate
CVE-2023-42663 was published for apache-airflow (pip) Oct 14, 2023
web2py exposure of sensitive information Moderate
CVE-2016-3954 was published for web2py (pip) May 14, 2022
Apache Superset Exposure of Sensitive Information to an Unauthorized Actor vulnerability Moderate
CVE-2023-42505 was published for apache-superset (pip) Nov 28, 2023
OpenStack Keystone Logs Passwords Moderate
CVE-2015-3646 was published for keystone (pip) May 13, 2022
User accounts disclosed to unauthenticated actors on the LAN Moderate
CVE-2023-50715 was published for homeassistant (pip) Dec 15, 2023
r01k
Exposure of Sensitive Information in mltable Moderate
CVE-2023-35625 was published for mltable (pip) Dec 12, 2023
Synapse vulnerable to leak of remote user device information Moderate
CVE-2023-43796 was published for matrix-synapse (pip) Oct 31, 2023
NoneBot Potential Information Leak in User-Constructed Message Templates Moderate
CVE-2024-21624 was published for nonebot2 (pip) Feb 9, 2024
mnixry
Apache Airflow vulnerable to sensitive information exposure when expose-config is set to non-sensitive-only Moderate
CVE-2023-45348 was published for apache-airflow (pip) Oct 14, 2023
sunSUNQ
Unintended leak of Proxy-Authorization header in requests Moderate
CVE-2023-32681 was published for requests (pip) May 22, 2023
SmashITs tobiasfunke1
sethmlarson nateprewitt
ProTip! Advisories are also available from the GraphQL API