GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
1,200 advisories
SurrealDB has Silent Failure to Overwrite Table Definition of Relation Type
Low
GHSA-27vq-hv74-7cqp
was published
for
surrealdb
(Rust)
Dec 16, 2024
sigstore has insufficient validation of integration timestamp during verification
Low
CVE-2024-55655
was published
for
sigstore
(pip)
Dec 11, 2024
lxd CA certificate sign check bypass
Low
CVE-2024-6156
was published
for
github.com/canonical/lxd
(Go)
Dec 9, 2024
lxd has a restricted TLS certificate privilege escalation when in PKI mode
Low
CVE-2024-6219
was published
for
github.com/canonical/lxd
(Go)
Dec 9, 2024
shared_preferences_android vulnerability
Low
GHSA-3hpf-ff72-j67p
was published
for
shared_preferences_android
(Pub)
Dec 6, 2024
sigstore-java has a vulnerability with bundle verification
Low
CVE-2024-54140
was published
for
dev.sigstore:sigstore-java
(Maven)
Dec 5, 2024
PyJWT Issuer field partial matches allowed
Low
CVE-2024-53861
was published
for
PyJWT
(pip)
Dec 2, 2024
Password Policy Bypass Vulnerability in Fides Webserver User Accept Invite API
Low
CVE-2024-52008
was published
for
ethyca-fides
(pip)
Nov 26, 2024
deno_doc's HTML generator vulnerable to Cross-site Scripting
Low
CVE-2024-32468
was published
for
deno_doc
(Rust)
Nov 25, 2024
ProTip!
Advisories are also available from the
GraphQL API