Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

61 advisories

Loading
Remote Memory Exposure in floody Moderate
GHSA-3p92-886g-qxpq was published for floody (npm) Jun 4, 2019
Remote Memory Disclosure in bittorrent-dht Moderate
CVE-2016-10519 was published for bittorrent-dht (npm) Sep 1, 2020
mysql Node.JS Module Vulnerable to Remote Memory Exposure Moderate
GHSA-5f7m-mmpc-qhh4 was published for mysql (npm) May 23, 2019
A CSRF token visible in the URL may possibly lead to information disclosure vulnerability. Moderate Unreviewed
CVE-2022-27671 was published Apr 13, 2022
Sentry SDK leaks sensitive session information when `sendDefaultPII` is set to `True` High
CVE-2023-28117 was published for sentry-sdk (pip) Mar 21, 2023
Answer vulnerable to Insertion of Sensitive Information Into Sent Data Moderate
CVE-2023-1975 was published for github.com/answerdev/answer (Go) Apr 11, 2023
keycloak-core discloses system properties Moderate
CVE-2017-2582 was published for org.keycloak:keycloak-core (Maven) Oct 18, 2018
Remote Memory Exposure in request Moderate
CVE-2017-16026 was published for request (npm) Nov 9, 2018
tdunlap607
Remote Memory Disclosure in ws Low
CVE-2016-10518 was published for ws (npm) Feb 18, 2019
tdunlap607
Vaadin vulnerable to possible information disclosure in non visible components. Moderate
CVE-2023-25499 was published for com.vaadin:flow-server (Maven) Jun 22, 2023
Cookies are sent to external images in rendered diff (and server side request forgery) Critical
CVE-2023-48240 was published for org.xwiki.platform:xwiki-platform-diff-xml (Maven) Nov 20, 2023
Remote Memory Exposure in mongoose Moderate
GHSA-r5xw-q988-826m was published for mongoose (npm) Sep 1, 2020
mprpic
ProTip! Advisories are also available from the GraphQL API