GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
28,048 advisories
Sending a GET or HEAD request with a body crashes SvelteKit
High
CVE-2024-23641
was published
for
@sveltejs/adapter-node
(npm)
Jan 24, 2024
Cross-site Scripting Vulnerability on Data Import
Moderate
CVE-2024-23633
was published
for
label-studio
(pip)
Jan 24, 2024
Cross-site Scripting Vulnerability on Avatar Upload
High
CVE-2023-47115
was published
for
label-studio
(pip)
Jan 24, 2024
Remote Command Execution in SOFARPC
Critical
CVE-2024-23636
was published
for
com.alipay.sofa:rpc-sofa-boot-starter
(Maven)
Jan 23, 2024
No permission checks for editing/deleting records with CSV import form
Moderate
CVE-2023-49783
was published
for
silverstripe/admin
(Composer)
Jan 23, 2024
XSS potential in rendered Markdown fields (comments, description, notes, etc.)
High
CVE-2024-23345
was published
for
nautobot
(pip)
Jan 23, 2024
keycloak-core: open redirect via "form_post.jwt" JARM response mode
Moderate
CVE-2023-6927
was published
for
org.keycloak:keycloak-core
(Maven)
Jan 23, 2024
Prototype pollution not blocked by object-path related utilities in hoolock
Moderate
CVE-2024-23339
was published
for
hoolock
(npm)
Jan 23, 2024
changedetection.io API endpoint is not secured with API token
Low
CVE-2024-23329
was published
for
changedetection.io
(pip)
Jan 23, 2024
Minerva timing attack on P-256 in python-ecdsa
High
CVE-2024-23342
was published
for
ecdsa
(pip)
Jan 22, 2024
Spring Framework server Web DoS Vulnerability
High
CVE-2024-22233
was published
for
org.springframework:spring-core
(Maven)
Jan 22, 2024
ProTip!
Advisories are also available from the
GraphQL API