GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
29,215 advisories
Generation of Error Message Containing Sensitive Information in zsa
Moderate
CVE-2024-37162
was published
for
zsa
(npm)
Jun 6, 2024
Tornado has a CRLF injection in CurlAsyncHTTPClient headers
Moderate
GHSA-w235-7p84-xx57
was published
for
tornado
(pip)
Jun 6, 2024
Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') in tornado
Moderate
GHSA-753j-mpmx-qq6g
was published
for
tornado
(pip)
Jun 6, 2024
TokenController formName not sanitized in hidden input
Moderate
CVE-2024-37156
was published
for
sulu/form-bundle
(Composer)
Jun 6, 2024
onnx allows Arbitrary File Overwrite in download_model_with_test_data
High
CVE-2024-5187
was published
for
onnx
(pip)
Jun 6, 2024
Withdrawn Advisory: lunary-ai/lunary XSS in SAML metadata endpoint
High
CVE-2024-5478
was published
for
lunary
(npm)
Jun 6, 2024
•
withdrawn
Server-Side Request Forgery in langchain-community.retrievers.web_research.WebResearchRetriever
Moderate
CVE-2024-3095
was published
for
langchain-community
(pip)
Jun 6, 2024
Denial of service in langchain-community
Moderate
CVE-2024-2965
was published
for
langchain
(pip)
Jun 6, 2024
ProTip!
Advisories are also available from the
GraphQL API