github advisory-database issues

github / advisory-database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

Creative Commons Attribution 4.0 International

1.72k stars 322 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

[GHSA-hh32-7344-cg2f] Authorization bypass in Spring Security

#4867 moon2263 closed 4 hours ago
2
[GHSA-mg8j-w93w-xjgc] Drupal Full Path Disclosure

#4865 longwave closed 1 day ago
5
[GHSA-gcx4-mw62-g8wm] DOM Clobbering Gadget found in rollup bundled scripts that leads to XSS

#4864 Bibianoo closed 1 day ago
1
[GHSA-7vxc-q7rv-qfj8] SUCHMOKUO node-worker-threads-pool denial of service Vulnerability

#4863 nalandial closed 1 day ago
1
[GHSA-j24h-xcpc-9jw8] Add org.eclipse.core.resources and org.eclipse.help as affected

#4862 guidobonomi opened 2 days ago
3
[GHSA-vr8j-hgmm-jh9r] openssl-src subject to DoS by double-checked locking

#4861 westonsteimel closed 2 days ago
1
Potential Data Discrepancy in CVE Listings

#4860 leoambrus opened 3 days ago
0
[GHSA-rrr8-f88r-h8q6] find-my-way has a ReDoS vulnerability in multiparametric routes

#4859 sealonohana opened 3 days ago
2
[GHSA-rxmx-cgf3-gfph] An issue in Doccano Open source annotation tools for...

#4858 m3t3kh4n closed 4 hours ago
1
[GHSA-7jvh-4mqp-gf66] An issue in Doccano Open source annotation tools for...

#4857 m3t3kh4n closed 4 hours ago
2
[GHSA-jm9x-rx9x-wpqj] pgAdmin versions 8.11 and earlier are vulnerable to a...

#4856 m3t3kh4n closed 3 days ago
1
[GHSA-355v-2rjx-fpx7] A vulnerability classified as problematic was found in...

#4855 m3t3kh4n closed 3 days ago
1
[GHSA-g643-xq6w-r67c] Deserialization of Untrusted Data vulnerability in Apache...

#4853 streichsbaer closed 4 days ago
3
[GHSA-xpp6-8r3j-ww43] Undertow Denial of Service vulnerability

#4852 fawind closed 4 days ago
3
[GHSA-v5gf-r78h-55q6] document-merge-service vulnerable to Remote Code Execution via Server-Side Template Injection

#4851 c0rydoras closed 4 days ago
2
[GHSA-f522-ffg8-j8r6] Regular Expression Denial of Service in is-my-json-valid

#4850 matsumokei closed 2 days ago
5
[GHSA-59hf-mpf8-pqjh] Mattermost versions 9.11.x <= 9.11.0 and 9.5.x <= 9.5.8...

#4849 c0rydoras closed 1 week ago
1
[GHSA-9gxg-3rjh-xv63] A flaw was found in oVirt. A user with administrator...

#4848 sandrobonazzola closed 1 week ago
1
[GHSA-vp98-w2p3-mv35] Apache Log4j 1.x (EOL) allows Denial of Service (DoS)

#4847 jw123023 closed 1 week ago
1
[GHSA-j76j-rqwj-jmvv] Keycloak Session Fixation vulnerability

#4846 stianst closed 1 week ago
1
[GHSA-f78j-4w3g-4q65] StimulusReflex arbitrary method call

#4844 matt-phylum closed 1 week ago
2
Add Spring Security Advisories as data source for GHSA database

#4843 sym-stiller opened 1 week ago
0
[GHSA-48cr-j2cx-mcr8] Inadequate Encryption Strength vulnerability in Apache...

#4842 oscerd closed 1 week ago
1
[GHSA-f5fw-25gw-5m92] Apache Hadoop’s RunJar.run() does not set permissions for...

#4841 oscerd closed 1 week ago
2
[GHSA-6gch-63wp-4v5f] In Apache Linkis <= 1.5.0, a Random string security...

#4840 oscerd closed 1 week ago
1
[GHSA-622h-h2p8-743x] JWT token compromise can allow malicious actions including Remote Code Execution (RCE)

#4839 holyspectral closed 1 week ago
1
[GHSA-6qmx-42h2-j8h6] .NET Elevation of Privilege Vulnerability

#4838 rbhanda closed 1 week ago
2
[GHSA-6f62-3596-g6w7] HTTP Request Smuggling in ruby webrick

#4837 bermannoah closed 1 week ago
1
[GHSA-6f62-3596-g6w7] HTTP Request Smuggling in ruby webrick

#4836 renatolond closed 1 week ago
1
[GHSA-mv48-hcvh-8jj8] Vite before v2.9.13 vulnerable to directory traversal via crafted URL to victim's service

#4834 stypr closed 1 week ago
1
A question about review priority

#4832 leoambrus opened 1 week ago
0
[GHSA-296q-rj83-g9rq] Reflected Cross Site-Scripting (XSS) in Oveleon Cookiebar

#4831 usdResponsibleDisclosure closed 1 week ago
2
[GHSA-2jv5-9r88-3w3p] python-multipart vulnerable to Content-Type Header ReDoS

#4829 amita-seal closed 1 week ago
3
[GHSA-mg8j-w93w-xjgc] Drupal Full Path Disclosure

#4827 cmlara closed 1 week ago
1
[GHSA-mv48-hcvh-8jj8] Vite before v2.9.13 vulnerable to directory traversal via crafted URL to victim's service

#4826 stypr closed 1 week ago
2
[GHSA-f2jm-rw3h-6phg] LangChain pickle deserialization of untrusted data

#4824 BarrensZeppelin closed 2 weeks ago
2
[GHSA-h92q-fgpp-qhrq] CoreDNS Cache Poisoning via a birthday attack

#4823 opwx closed 2 weeks ago
0
Please add update on GHSA-33m6-q9v5-62r7 description

#4822 DrDaveD closed 2 weeks ago
2
[GHSA-m6gj-h9gm-gw44] Django Incorrect Default Permissions

#4820 Nikunj262 closed 2 weeks ago
1
[GHSA-78vg-7v27-hj67] auditor-bundle vulnerable to Cross-site Scripting because name of entity does not get escaped

#4819 Gonzalo1987 closed 2 weeks ago
2
[GHSA-hxwh-jpp2-84pm] Flask-CORS allows the `Access-Control-Allow-Private-Network` CORS header to be set to true by default

#4818 icarocd closed 2 weeks ago
1
[GHSA-w97f-w3hq-36g2] Keycloak Denial of Service vulnerability

#4817 abstractj closed 2 weeks ago
4
[GHSA-x9r9-48rm-4xm6] FitNesse allows execution of arbitrary OS commands

#4816 tcnh opened 2 weeks ago
2
[GHSA-m979-w9wj-qfj9] HashiCorp Vault Improper Privilege Management

#4815 andrewpollock closed 2 weeks ago
1
[GHSA-66vw-v2x9-hw75] Podman publishes a malicious image to public registries

#4814 andrewpollock closed 2 weeks ago
1
[GHSA-4mp7-2m29-gqxf] HashiCorp Vault Authentication bypass

#4813 andrewpollock closed 2 weeks ago
1
[GHSA-4v7x-pqxf-cx7m] net/http, x/net/http2: close connections when receiving too many headers

#4812 andrewpollock closed 2 weeks ago
2
[GHSA-p976-h52c-26p6] Rancher vulnerable to Privilege Escalation via manipulation of Secrets

#4811 andrewpollock closed 2 weeks ago
3
[GHSA-j6vv-vv26-rh7c] HashiCorp Vault Improper Privilege Management

#4810 andrewpollock closed 2 weeks ago
1
[GHSA-46v3-ggjg-qq3x] Rancher UI has multiple Cross-Site Scripting (XSS) issues

#4809 andrewpollock closed 2 weeks ago
3