Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

48 advisories

Loading
Eve allows execution of arbitrary code Critical
CVE-2018-8097 was published for eve (pip) Jul 12, 2018
django_make_app is vulnerable to Code Injection Critical
CVE-2017-16764 was published for django_make_app (pip) Jul 13, 2018
Code injection in ymlref Critical
CVE-2018-20133 was published for ymlref (pip) Dec 19, 2018
ipycache is vulnerable to Code Injection Critical
CVE-2019-7539 was published for ipycache (pip) Mar 25, 2019
Eval injection in Supybot/Limnoria Critical
CVE-2019-19010 was published for limnoria (pip) Nov 20, 2019
remote code execution via git repo provider Critical
CVE-2021-39159 was published for binderhub (pip) Aug 30, 2021
dreyercito rccern
Code Injection in PyTorch Lightning Critical
CVE-2022-0845 was published for pytorch-lightning (pip) Mar 6, 2022
oliverchang
Plone Arbitrary Code Execution via Unsafe Handling of Pickles Critical
CVE-2007-5741 was published for plone (pip) May 1, 2022
OpenStack Object Storage (swift) Code Injection vulnerability Critical
CVE-2012-4406 was published for swift (pip) May 17, 2022
Code Injection in Django Critical
CVE-2014-0472 was published for Django (pip) May 17, 2022
MarkLee131
Plone python code injection Critical
CVE-2012-5495 was published for plone (pip) May 17, 2022
graphite-web is vulnerable to Remote Code Execution Critical
CVE-2013-5942 was published for graphite-web (pip) May 17, 2022
graphite-web is vulnerable to Remote Code Execution via renderLocalView function Critical
CVE-2013-5093 was published for graphite-web (pip) May 17, 2022
SaltStack Salt Server Side Template Injection Critical
CVE-2021-25283 was published for salt (pip) May 24, 2022
joblib vulnerable to arbitrary code execution Critical
CVE-2022-21797 was published for joblib (pip) Sep 27, 2022
dawookie
PaddlePaddle vulnerable to code injection via winstr Critical
CVE-2022-45908 was published for paddlepaddle (pip) Nov 26, 2022
GitPython vulnerable to Remote Code Execution due to improper user input validation Critical
CVE-2022-24439 was published for GitPython (pip) Dec 6, 2022
ad-m-ss tdunlap607
PaddlePaddle vulnerable to Code Injection Critical
CVE-2022-46742 was published for paddlepaddle (pip) Dec 7, 2022
mattberry3
Code Injection in pyload-ng Critical
CVE-2023-0297 was published for pyload-ng (pip) Jan 14, 2023
LangChain vulnerable to code injection Critical
CVE-2023-29374 was published for langchain (pip) Apr 5, 2023
Apache Airflow Hive Provider vulnerable to code injection Critical
CVE-2023-28706 was published for apache-airflow-providers-apache-hive (pip) Apr 7, 2023
langchain arbitrary code execution vulnerability Critical
CVE-2023-36258 was published for langchain (pip) Jul 3, 2023
xalpha vulnerable to Remote Code Execution Critical
CVE-2023-37659 was published for xalpha (pip) Jul 11, 2023
langchain Code Injection vulnerability Critical
CVE-2023-36095 was published for langchain (pip) Aug 5, 2023
ProTip! Advisories are also available from the GraphQL API