GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
20,892 advisories
Vitess allows HTML injection in /debug/querylogz & /debug/env
Moderate
CVE-2024-53257
was published
for
vitess.io/vitess
(Go)
Dec 3, 2024
Access to Archived Argo Workflows with Fake Token in `client` mode
Moderate
CVE-2024-53862
was published
for
github.com/argoproj/argo-workflows/v3
(Go)
Dec 2, 2024
BunkerWeb has Open Redirect Vulnerability in Loading Page
Moderate
CVE-2024-53264
was published
for
github.com/bunkerity/bunkerweb
(Go)
Dec 2, 2024
Denial of service (DoS) via deformation `multipart/form-data` boundary
High
CVE-2024-53981
was published
for
python-multipart
(pip)
Dec 2, 2024
Mongoose search injection vulnerability
High
CVE-2024-53900
was published
for
mongoose
(npm)
Dec 2, 2024
hull.js Code Injection Vulnerability
Critical
GHSA-q849-wxrc-vqrp
was published
for
hull.js
(npm)
Dec 2, 2024
AsyncHttpClient (AHC) library's `CookieStore` replaces explicitly defined `Cookie`s
Critical
CVE-2024-53990
was published
for
org.asynchttpclient:async-http-client
(Maven)
Dec 2, 2024
Netty vulnerability included in redis lettuce
Moderate
GHSA-q4h9-7rxj-7gx2
was published
for
io.lettuce:lettuce-core
(Maven)
Dec 2, 2024
SimpleSAMLphp vulnerable to XXE in parsing SAML messages
High
GHSA-j5g2-q29x-cw3h
was published
for
simplesamlphp/simplesamlphp
(Composer)
Dec 2, 2024
•
withdrawn
ProTip!
Advisories are also available from the
GraphQL API