Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

50 advisories

Loading
Code injection in ansible High
CVE-2017-2809 was published for ansible-vault (pip) Jul 13, 2018
Code injection in Danijar Definitions High
CVE-2018-20325 was published for definitions (pip) Dec 26, 2018
sqla-yaml-fixtures is vulnerable to Code Injection High
CVE-2019-3575 was published for sqla-yaml-fixtures (pip) Jan 4, 2019
Code Injection in PyXDG High
CVE-2019-12761 was published for pyxdg (pip) Jun 7, 2019
Log injection in uvicorn High
CVE-2020-7694 was published for uvicorn (pip) Jul 29, 2020
tdunlap607
openapi-python-client Arbitrary Code Generation vulnerability High
CVE-2020-15142 was published for openapi-python-client (pip) Aug 20, 2020
emann dtkav
dbanty westonsteimel
Remote Code Execution in Red Discord Bot High
CVE-2020-15147 was published for Red-DiscordBot (pip) Aug 21, 2020
Jackenmen
Code injection in nbgitpuller High
CVE-2021-39160 was published for nbgitpuller (pip) Aug 30, 2021
Improper Input Validation and Command Injection in Ansible High
CVE-2021-3583 was published for ansible (pip) Sep 23, 2021
Cobbler before 3.3.0 allows log poisoning High
CVE-2021-40323 was published for cobbler (pip) Oct 5, 2021
Code injection in FreeIPA High
CVE-2019-14867 was published for freeipa (pip) Dec 6, 2021
Code injection via unsafe YAML loading High
CVE-2021-43811 was published for sockeye (pip) Dec 9, 2021
IPython Notebook vulnerable to improper validation of the origin of websocket requests High
CVE-2014-3429 was published for ipython (pip) May 14, 2022
OpenStack Swift Unchecked user input in XML responses High
CVE-2013-2161 was published for swift (pip) May 14, 2022
TDQM Arbitrary Code Execution High
CVE-2016-10075 was published for tqdm (pip) May 14, 2022
Cobbler Web Interface Kickstart Template Remote Privilege Escalation Vulnerability High
CVE-2008-6954 was published for cobbler (pip) May 17, 2022
Plone Code Injection vulnerability High
CVE-2012-5488 was published for Plone (pip) May 17, 2022
tdunlap607
Plone Code Injection vulnerability High
CVE-2012-5485 was published for Plone (pip) May 17, 2022
Cobbler is vulnerable to code injection High
CVE-2010-2235 was published for cobbler (pip) May 17, 2022
GramAddict bot uses dependency with reverse tcp backdoor High
CVE-2020-36245 was published for GramAddict (pip) May 24, 2022
Code injection in `saved_model_cli` in TensorFlow High
CVE-2022-29216 was published for tensorflow (pip) May 24, 2022
Command Injection in Nuitka High
CVE-2022-2054 was published for Nuitka (pip) Jun 13, 2022
Poetry Argument Injection can lead to Local Code Execution High
CVE-2022-36069 was published for poetry (pip) Sep 16, 2022
paul-gerste-sonarsource neersighted
Powerline Gitstatus vulnerable to arbitrary code execution High
CVE-2022-42906 was published for powerline-gitstatus (pip) Oct 13, 2022
Improper Control of Generation of Code ('Code Injection') in Azure CLI High
CVE-2022-39327 was published for azure-cli (pip) Oct 25, 2022
ProTip! Advisories are also available from the GraphQL API