GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
88 advisories
Harbor fails to validate the user permissions when updating tag immutability policies
Moderate
CVE-2022-31669
was published
for
github.com/goharbor/harbor
(Go)
Sep 16, 2022
Harbor fails to validate the user permissions when updating a robot account
Moderate
CVE-2022-31667
was published
for
github.com/goharbor/harbor
(Go)
Sep 16, 2022
Unauthorized privilege escalation in Mod module
Moderate
CVE-2020-15278
was published
for
red-discordbot
(pip)
Oct 27, 2020
Gradio's CORS origin validation accepts the null origin
Moderate
CVE-2024-47165
was published
for
gradio
(pip)
Oct 10, 2024
OpenTelemetry Collector module AWS Firehose Receiver Authentication Bypass Vulnerability
Moderate
CVE-2024-45043
was published
for
github.com/open-telemetry/opentelemetry-collector-contrib/receiver/awsfirehosereceiver
(Go)
Aug 29, 2024
Apache Airflow allows authenticated and DAG-view authorized users to modify some DAG run detail values when submitting notes
Moderate
CVE-2023-47037
was published
for
apache-airflow
(pip)
Nov 12, 2023
Bostr Improper Authorization vulnerability
Moderate
CVE-2024-41962
was published
for
bostr
(npm)
Aug 2, 2024
Quarkus: authorization flaw in quarkus resteasy reactive and classic
Moderate
CVE-2023-5675
was published
for
io.quarkus:quarkus-resteasy-reactive-common
(Maven)
Apr 25, 2024
Arbitrary File Override in Docker Engine
Moderate
CVE-2015-3631
was published
for
github.com/docker/docker
(Go)
Feb 15, 2022
ProTip!
Advisories are also available from the
GraphQL API