GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
46
GitHub Actions
48
Go
3,354
Maven
5,000+
npm
5,000+
NuGet
881
pip
4,552
Pub
12
RubyGems
1,013
Rust
1,204
Swift
51
Unreviewed advisories
All unreviewed
5,000+
27,964 advisories
Filter by severity
Cross-Site Request Forgery in moodle
High
CVE-2024-25982
was published
for
moodle/moodle
(Composer)
Feb 19, 2024
Improper Handling of Parameters in moodle
Moderate
CVE-2024-25979
was published
for
moodle/moodle
(Composer)
Feb 19, 2024
Authorization Bypass in moodle
Moderate
CVE-2024-25983
was published
for
moodle/moodle
(Composer)
Feb 19, 2024
Improper Access Control in moodle
Moderate
CVE-2024-25980
was published
for
moodle/moodle
(Composer)
Feb 19, 2024
Improper Access Control in moodle
Moderate
CVE-2024-25981
was published
for
moodle/moodle
(Composer)
Feb 19, 2024
Uncontrolled Resource Consumption in moodle
High
CVE-2024-25978
was published
for
moodle/moodle
(Composer)
Feb 19, 2024
Duplicate Advisory: SQL injection in pgjdbc
Critical
GHSA-xfg6-62px-cxc2
was published
for
org.postgresql:postgresql
(Maven)
Feb 19, 2024
•
withdrawn
Apache Commons Compress: OutOfMemoryError unpacking broken Pack200 file
Moderate
CVE-2024-26308
was published
for
org.apache.commons:commons-compress
(Maven)
Feb 19, 2024
Apache Commons Compress: Denial of service caused by an infinite loop for a corrupted DUMP file
Moderate
CVE-2024-25710
was published
for
org.apache.commons:commons-compress
(Maven)
Feb 19, 2024
Cross-site Scripting in Serenity
Moderate
CVE-2024-26318
was published
for
@serenity-is/corelib
(npm)
Feb 19, 2024
Code injection in REDAXO
High
CVE-2024-25298
was published
for
redaxo/source
(Composer)
Feb 17, 2024
Improper Neutralization of HTTP Headers in github.com/greenpau/caddy-security
Moderate
CVE-2024-21499
was published
for
github.com/greenpau/caddy-security
(Go)
Feb 17, 2024
Improper Restriction of Excessive Authentication Attempts in github.com/greenpau/caddy-security
Moderate
CVE-2024-21500
was published
for
github.com/greenpau/caddy-security
(Go)
Feb 17, 2024
Server-Side Request Forgery in github.com/greenpau/caddy-security
Moderate
CVE-2024-21498
was published
for
github.com/greenpau/caddy-security
(Go)
Feb 17, 2024
Open Redirect in github.com/greenpau/caddy-security
Moderate
CVE-2024-21497
was published
for
github.com/greenpau/caddy-security
(Go)
Feb 17, 2024
Cross-site Scripting in github.com/greenpau/caddy-security
Moderate
CVE-2024-21496
was published
for
github.com/greenpau/caddy-security
(Go)
Feb 17, 2024
Use of Insufficiently Random Values in github.com/greenpau/caddy-security
Moderate
CVE-2024-21495
was published
for
github.com/greenpau/caddy-security
(Go)
Feb 17, 2024
Improper Validation of Array Index in github.com/greenpau/caddy-security
Moderate
CVE-2024-21493
was published
for
github.com/greenpau/caddy-security
(Go)
Feb 17, 2024
Authentication Bypass by Spoofing in github.com/greenpau/caddy-security
Moderate
CVE-2024-21494
was published
for
github.com/greenpau/caddy-security
(Go)
Feb 17, 2024
Insufficient Session Expiration in github.com/greenpau/caddy-security
Moderate
CVE-2024-21492
was published
for
github.com/greenpau/caddy-security
(Go)
Feb 17, 2024
Vulnerability affecting the org.openjfx:javafx-media maven component of the OpenJFX project
Low
CVE-2024-20925
was published
for
org.openjfx:javafx-media
(Maven)
Feb 17, 2024
tuf's Metadata API: Targets.get_delegated_role() is missing input validation
Low
GHSA-77hh-43cm-v8j6
was published
for
tuf
(pip)
Feb 16, 2024
Hazelcast Platform permission checking in CSV File Source connector
High
CVE-2023-45860
was published
for
com.hazelcast:hazelcast
(Maven)
Feb 16, 2024
GitHub Security Lab (GHSL) Vulnerability Report, scrypted: `GHSL-2023-218`, `GHSL-2023-219`
High
GHSA-w4hv-vmv9-hgcr
was published
for
@scrypted/core
(npm)
Feb 16, 2024
Scrapy decompression bomb vulnerability
High
CVE-2024-3572
was published
for
scrapy
(pip)
Feb 16, 2024
ProTip!
Advisories are also available from the
GraphQL API