Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

23,684 advisories

Loading
Token leases could outlive their TTL in HashiCorp Vault Critical
CVE-2020-25816 was published for github.com/hashicorp/vault (Go) May 24, 2022
Ansible Code Injection Vulnerability Critical
CVE-2014-4678 was published for ansible (pip) May 24, 2022
Pebble Templates Improper Input Validation vulnerability Critical
CVE-2019-19899 was published for io.pebbletemplates:pebble-project (Maven) May 24, 2022
Helm Unsafe Link Following Critical
CVE-2019-18658 was published for helm.sh/helm (Go) May 24, 2022
Magento Broken authentication and session managememt Critical
CVE-2019-8149 was published for magento/community-edition (Composer) May 24, 2022
Cryptocat before 2.0.22: Cryptocat.random() Function Array Key has Entropy Weakness Critical Unreviewed
CVE-2013-2260 was published May 24, 2022
XML Injection in ReportLab Critical
CVE-2019-17626 was published for reportlab (pip) May 24, 2022
Numpy Deserialization of Untrusted Data Critical
CVE-2019-6446 was published for numpy (pip) May 24, 2022
Magento 2 Community Edition SQLi Vulnerability Critical
CVE-2019-7139 was published for magento/community-edition (Composer) May 24, 2022
Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3. Critical Unreviewed
CVE-2019-5481 was published May 24, 2022
Deserialization of Untrusted Data in Apache Tapestry Critical
CVE-2019-0195 was published for org.apache.tapestry:tapestry-core (Maven) May 24, 2022
py-lmdb Invalid write operation Critical
CVE-2019-16227 was published for lmdb (pip) May 24, 2022
The booking-calendar-contact-form plugin before 1.0.24 for WordPress has SQL injection. Critical Unreviewed
CVE-2016-10909 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API