Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

85 advisories

Loading
IBM Aspera Orchestrator 4.0.1 is vulnerable to HTTP header injection, caused by improper... Moderate Unreviewed
CVE-2023-26289 was published Jul 30, 2024
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 is vulnerable to HTTP header... Moderate Unreviewed
CVE-2024-39736 was published Jul 15, 2024
Apache Zeppelin vulnerable to cross-site scripting in the helium module Moderate
CVE-2024-31868 was published for org.apache.zeppelin:zeppelin-interpreter (Maven) Apr 9, 2024
oscerd
KaTeX's `\includegraphics` does not escape filename Moderate
CVE-2024-28245 was published for katex (npm) Mar 25, 2024
martinvks edemaine
jupenur
Ansible-core information disclosure flaw Moderate
CVE-2024-0690 was published for ansible-core (pip) Feb 6, 2024
Mattermost password hash disclosure vulnerability Moderate
CVE-2023-5968 was published for github.com/mattermost/mattermost-server/v6 (Go) Nov 6, 2023
MarkLee131
React Developer Tools extension Improper Authorization vulnerability Moderate
CVE-2023-5654 was published for react-devtools-core (npm) Oct 19, 2023
OpenZeppelin Contracts vulnerable to Improper Escaping of Output Moderate
CVE-2023-40014 was published for @openzeppelin/contracts (npm) Aug 11, 2023
Critters Cross-site Scripting Vulnerability Moderate
CVE-2023-3481 was published for critters (npm) Aug 11, 2023
RTX TRAP v1.0 was discovered to be vulnerable to host header poisoning. Moderate Unreviewed
CVE-2022-31458 was published Jul 25, 2023
Spring HATEOAS vulnerable to Improper Neutralization of HTTP Headers for Scripting Syntax Moderate
CVE-2023-34036 was published for org.springframework.hateoas:spring-hateoas (Maven) Jul 17, 2023
ProTip! Advisories are also available from the GraphQL API