GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
3,388 advisories
Password Policy Bypass Vulnerability in Fides Webserver User Accept Invite API
Low
CVE-2024-52008
was published
for
ethyca-fides
(pip)
Nov 26, 2024
Tornado has an HTTP cookie parsing DoS vulnerability
High
CVE-2024-52804
was published
for
tornado
(pip)
Nov 22, 2024
GeoNode Server Side Request forgery
High
CVE-2023-40017
was published
for
geonode
(pip)
Nov 21, 2024
LLama Factory Remote OS Command Injection Vulnerability
High
CVE-2024-52803
was published
for
llamafactory
(pip)
Nov 21, 2024
Litestar allows unbounded resource consumption (DoS vulnerability)
High
CVE-2024-52581
was published
for
litestar
(pip)
Nov 20, 2024
HTML Cleaner allows crafted scripts in special contexts like svg or math to pass through
High
CVE-2024-52595
was published
for
lxml-html-clean
(pip)
Nov 19, 2024
aiohttp allows request smuggling due to incorrect parsing of chunk extensions
Moderate
CVE-2024-52304
was published
for
aiohttp
(pip)
Nov 18, 2024
cobbler allows anyone to connect to cobbler XML-RPC server with known password and make changes
Critical
CVE-2024-47533
was published
for
cobbler
(pip)
Nov 18, 2024
ReDoS in giskard's transformation.py (GHSL-2024-324)
Moderate
CVE-2024-52524
was published
for
giskard
(pip)
Nov 14, 2024
ProTip!
Advisories are also available from the
GraphQL API