Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

11 advisories

Loading
Koji hub call does not perform correct access checks Critical
CVE-2018-1002150 was published for koji (pip) Jul 12, 2018
Incorrect Permission Assignment for Critical Resource in Plone Critical
CVE-2021-33509 was published for Plone (pip) Jun 15, 2021
HashiCorp Vault Incorrect Permission Assignment for Critical Resource Critical
CVE-2021-43998 was published for github.com/hashicorp/vault (Go) Dec 2, 2021
Apache Cassandra vulnerable to Code Injection due to unsafe configuration Critical
CVE-2021-44521 was published for org.apache.cassandra:cassandra-all (Maven) Feb 12, 2022
Struts ParameterInterceptor vulnerability allows remote command execution Critical
CVE-2011-3923 was published for org.apache.struts:struts2-core (Maven) Apr 22, 2022
Incorrect Permission Assignment for Critical Resource in ShopXO Critical
CVE-2022-28056 was published for shopxo/shopxo (Composer) May 3, 2022
Mercurial Incorrect Access Control vulnerability Critical
CVE-2018-1000132 was published for mercurial (pip) May 13, 2022
Cobbler Improper Validation of Security Tokens Critical
CVE-2018-1000226 was published for cobbler (pip) May 13, 2022
Moodle command execution vulnerability exists in the default legacy spellchecker plugin Critical
CVE-2021-21809 was published for moodle/moodle (Composer) May 24, 2022
Rancher allows privilege escalation in Windows nodes due to Insecure Access Control Lists Critical
CVE-2023-32197 was published for github.com/rancher/rancher (Go) Oct 25, 2024
RKE2 allows privilege escalation in Windows nodes due to Insecure Access Control Lists Critical
GHSA-x7xj-jvwp-97rv was published for github.com/rancher/rke2 (Go) Oct 25, 2024
ProTip! Advisories are also available from the GraphQL API