Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

152 advisories

Loading
Argo Workflows Controller: Denial of Service via malicious daemon Workflows Moderate
CVE-2024-47827 was published for github.com/argoproj/argo-workflows/v3 (Go) Oct 28, 2024
meln5674 agilgur5
Gradio has a race condition in update_root_in_config may redirect user traffic High
CVE-2024-47870 was published for gradio (pip) Oct 10, 2024
ahpaleus Vasco-jofra
Microsoft Security Advisory CVE-2024-38229 | .NET Remote Code Execution Vulnerability High
CVE-2024-38229 was published for Microsoft.AspNetCore.App.Runtime.linux-arm (NuGet) Oct 8, 2024
Incorrect delegation lookups can make go-tuf download the wrong artifact High
CVE-2024-47534 was published for github.com/theupdateframework/go-tuf/v2 (Go) Oct 1, 2024
AdamKorcz mamccorm
Undertow vulnerable to Race Condition High
CVE-2024-7885 was published for io.undertow:undertow-core (Maven) Aug 21, 2024
jw123023
Policy bypass for Host Firewall policy due to race condition in Cilium agent Moderate
CVE-2024-42488 was published for github.com/cilium/cilium (Go) Aug 15, 2024
skmatti
ACME DNS: Azure Identity Libraries Elevation of Privilege Vulnerability Moderate
GHSA-rvj4-q8q5-8grf was published for github.com/traefik/traefik/v2 (Go) Jun 20, 2024
Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability Moderate
CVE-2024-35255 was published for @azure/identity (Go) Jun 11, 2024
scottaddie localden
Race condition in zenml Low
CVE-2024-2032 was published for zenml (pip) Jun 6, 2024
Grafana Race condition allowing privilege escalation Critical
CVE-2022-39328 was published for github.com/grafana/grafana (Go) May 14, 2024
Microsoft Security Advisory CVE-2024-30046 | .NET Denial of Service Vulnerability Moderate
CVE-2024-30046 was published for Microsoft.AspNetCore.App.Runtime.linux-arm (NuGet) May 14, 2024
WordOps has TOCTOU race condition Moderate
CVE-2024-34528 was published for wordops (pip) May 6, 2024
VirtuBox
Pterodactyl Wings vulnerable to improper isolation of server file access Critical
CVE-2024-27102 was published for github.com/pterodactyl/wings (Go) Mar 15, 2024
KurtThiemann aft2d
matthewpi
vantage6 vulnerable to a username timing attack on recover password/MFA token Moderate
CVE-2024-24770 was published for vantage6 (pip) Mar 15, 2024
Apache Answer Race Condition vulnerability Moderate
CVE-2024-26578 was published for github.com/apache/incubator-answer (Go) Feb 22, 2024
Race condition in Endorsements Low
CVE-2023-47634 was published for decidim (RubyGems) Feb 20, 2024
microstudi alecslupu
andreslucena
BuildKit vulnerable to possible race condition with accessing subpaths from cache mounts High
CVE-2024-23651 was published for github.com/moby/buildkit (Go) Jan 31, 2024
rmcnamara-snyk
Apache Answer Race Condition vulnerability Low
CVE-2023-49619 was published for github.com/apache/incubator-answer (Go) Jan 10, 2024
snapd Race Condition vulnerability Critical
CVE-2022-3328 was published for github.com/snapcore/snapd (Go) Jan 8, 2024
Duplicate Advisory: Race Condition leading to logging errors Low
GHSA-v444-jggx-6v7f was published for audited (RubyGems) Jan 4, 2024 withdrawn
Deis Workflow Manager race condition vulnerability Moderate
CVE-2016-15036 was published for github.com/deis/workflow-manager (Go) Dec 23, 2023
github.com/go-resty/resty/v2 HTTP request body disclosure Moderate
CVE-2023-45286 was published for github.com/go-resty/resty/v2 (Go) Nov 28, 2023
shanduur Kryvchun
billinghamj deerbone neilgierman hansmi
Fabric vulnerable to crosslinking transaction attack High
CVE-2023-46132 was published for github.com/hyperledger/fabric (Go) Nov 14, 2023
yacovm
ZITADEL race condition in lockout policy execution High
CVE-2023-47111 was published for github.com/zitadel/zitadel (Go) Nov 8, 2023
itz-d0dgy livio-a
Harbor timing attack risk Moderate
CVE-2023-20902 was published for github.com/goharbor/harbor (Go) Oct 10, 2023
ProTip! Advisories are also available from the GraphQL API