GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
24,776 advisories
Reflected XSS in Application Logger module
Moderate
GHSA-2xpm-cmvw-3jcc
was published
for
pimcore/pimcore
(Composer)
Mar 16, 2023
Cross-site Scripting (XSS) in Document Types
Moderate
CVE-2023-1429
was published
for
pimcore/pimcore
(Composer)
Mar 16, 2023
Cross-site Scripting (XSS) - stored in Print Documents
Moderate
GHSA-rrwm-8wqm-gwgv
was published
for
pimcore/pimcore
(Composer)
Mar 16, 2023
Go-huge-util vulnerable to path traversal when unzipping files
High
CVE-2023-28105
was published
for
github.com/dablelv/go-huge-util
(Go)
Mar 16, 2023
DDOS attack on graphql endpoints
High
CVE-2023-28104
was published
for
silverstripe/graphql
(Composer)
Mar 16, 2023
Authelia allows open redirects on the logout endpoint
Moderate
CVE-2021-29456
was published
for
github.com/authelia/authelia/v4
(Go)
Mar 16, 2023
On a compromised node, the virt-handler service account can be used to modify all node specs
High
CVE-2023-26484
was published
for
kubevirt.io/kubevirt
(Go)
Mar 16, 2023
Server-Side Request Forgery in Request
Moderate
CVE-2023-28155
was published
for
@cypress/request
(npm)
Mar 16, 2023
Possible Denial of Service Vulnerability in Rack's header parsing
Low
CVE-2023-27539
was published
for
rack
(RubyGems)
Mar 15, 2023
ONOS vulnerable to reflected cross-site scripting
Moderate
CVE-2023-24279
was published
for
org.onosproject:onos-archetypes
(Maven)
Mar 14, 2023
fieldpath's Paved.SetValue allows growing arrays up to arbitrary sizes in crossplane-runtime
Moderate
CVE-2023-27483
was published
for
github.com/crossplane/crossplane-runtime
(Go)
Mar 13, 2023
Missing proper state, nonce and PKCE checks for OAuth authentication
High
CVE-2023-27490
was published
for
next-auth
(npm)
Mar 13, 2023
Password Shucking Vulnerability
Moderate
CVE-2023-27580
was published
for
codeigniter4/shield
(Composer)
Mar 13, 2023
ProTip!
Advisories are also available from the
GraphQL API