GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
8 advisories
transmute-core unsafe YAML deserialization vulnerability
Critical
CVE-2023-47204
was published
for
transmute-core
(pip)
Nov 2, 2023
PyArrow: Arbitrary code execution when loading a malicious data file
Critical
CVE-2023-47248
was published
for
pyarrow
(pip)
Nov 9, 2023
Apache Airflow allows authenticated and DAG-view authorized users to modify some DAG run detail values when submitting notes
Moderate
CVE-2023-47037
was published
for
apache-airflow
(pip)
Nov 12, 2023
SQL injection in Apache Submarine
Critical
CVE-2023-37924
was published
for
apache-submarine
(pip)
Nov 22, 2023
Unsafe yaml deserialization in llama-hub
Critical
CVE-2024-23730
was published
for
llama-hub
(pip)
Jan 21, 2024
Improper Privilege Management in djangorestframework-simplejwt
Low
CVE-2024-22513
was published
for
djangorestframework-simplejwt
(pip)
Mar 16, 2024
ESPHome vulnerable to Authentication bypass via Cross site request forgery
High
CVE-2024-29019
was published
for
esphome
(pip)
Mar 21, 2024
LiteLLM has Server-Side Template Injection vulnerability in /completions endpoint
Critical
CVE-2024-2952
was published
for
litellm
(pip)
Apr 10, 2024
ProTip!
Advisories are also available from the
GraphQL API