Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

64 advisories

Loading
In marshmallow library the schema "only" option treats an empty list as implying no "only" option Moderate
CVE-2018-17175 was published for marshmallow (pip) Oct 10, 2018
Ansible apt_key module does not properly verify key fingerprint High
CVE-2016-8614 was published for ansible (pip) Oct 10, 2018
Spring Framework allows applications to expose STOMP over WebSocket endpoints Critical
CVE-2018-1270 was published for org.springframework:spring-core (Maven) Oct 17, 2018
Improperly Implemented Security Check for Standard in org.springframework:spring-core Critical
CVE-2018-1275 was published for org.springframework:spring-core (Maven) Oct 17, 2018
sunSUNQ MarkLee131
Inconsistent documentation in Apache Tomcat Moderate
CVE-2017-15706 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
cPanel before 55.9999.141 allows account-suspension bypass via ftp (SEC-105). High Unreviewed
CVE-2016-10834 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API