Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

63 advisories

Loading
Improper exception handling in Aedes High
CVE-2020-13410 was published for aedes (npm) May 6, 2021
Directus vulnerable to unhandled exception on illegal filename_disk value Moderate
CVE-2022-36031 was published for directus (npm) Aug 30, 2022
wgorecki
Yauaa vulnerable to ArrayIndexOutOfBoundsException triggered by a crafted Sec-Ch-Ua-Full-Version-List High
CVE-2022-23496 was published for nl.basjes.parse.useragent:yauaa (Maven) Dec 8, 2022
Improper Handling of Exceptional Conditions and Improper Input Validation in Reactor Netty High
CVE-2020-5403 was published for io.projectreactor.netty:reactor-netty-http (Maven) Feb 10, 2022
Parse Server crashes with query parameter High
CVE-2021-39187 was published for parse-server (npm) Sep 2, 2021
mstniy
nadesiko3 allows remote attacker to inject invalid value to decodeURIComponent of nako3edit Moderate
CVE-2022-41777 was published for nadesiko3 (npm) Dec 5, 2022
Improper Handling of Exceptional Conditions and Origin Validation Error in Eclipse Paho Java client library Moderate
CVE-2019-11777 was published for org.eclipse.paho:org.eclipse.paho.client.mqttv3 (Maven) Sep 17, 2019
Improper Check for Unusual or Exceptional Conditions in Connect2id Nimbus JOSE+JWT Critical
CVE-2019-17195 was published for com.nimbusds:nimbus-jose-jwt (Maven) Oct 16, 2019
Denial of Service (DoS) in restify-paginate High
CVE-2020-27543 was published for restify-paginate (npm) Apr 12, 2021
Improper Handling of Exceptional Conditions in detect-character-encoding High
CVE-2021-39157 was published for detect-character-encoding (npm) Aug 25, 2021
Uncontrolled Resource Consumption in transpile Moderate
CVE-2021-23429 was published for transpile (npm) Sep 2, 2021
Exposure of Sensitive Information in keycloak Moderate
CVE-2020-1744 was published for org.keycloak:keycloak-core (Maven) Sep 20, 2021
Denial of Service in soketi High
CVE-2022-21667 was published for @soketi/soketi (npm) Jan 8, 2022
Improper Handling of Exceptional Conditions in Apache Tomcat High
CVE-2021-30639 was published for org.apache.tomcat:tomcat (Maven) Aug 13, 2021
Uncaught Exception in zip4j Moderate
CVE-2022-24615 was published for net.lingala.zip4j:zip4j (Maven) Feb 25, 2022
srikanth-lingala
Improper Handling of Exceptional Conditions inn metadata-extractor Moderate
CVE-2022-24613 was published for com.drewnoakes:metadata-extractor (Maven) Feb 25, 2022
ZGorlock
go-merkledag's ProtoNode may be modified such that common method calls may panic High
CVE-2022-23495 was published for github.com/ipfs/go-merkledag (Go) Dec 8, 2022
mrd0ll4r
Ory fosite contains Improper Handling of Exceptional Conditions High
CVE-2020-15223 was published for github.com/ory/fosite (Go) May 24, 2021
jclebreton
xwiki vulnerable to Improper Handling of Exceptional Conditions Moderate
CVE-2023-26479 was published for org.xwiki.platform:xwiki-platform-rendering-parser (Maven) Mar 3, 2023
Denial of Service in axios High
CVE-2019-10742 was published for axios (npm) May 29, 2019
tdunlap607
Comrak AST node data is not validated (GHSL-2023-049) Moderate
CVE-2023-28631 was published for comrak (Rust) Mar 28, 2023
darakian
Cilium eBPF filters may be temporarily removed during agent restart Moderate
CVE-2023-27595 was published for github.com/cilium/cilium (Go) Mar 17, 2023
ldelossa ti-mo
aanm
Uncaught Exception in engine.io High
CVE-2022-21676 was published for engine.io (npm) Jan 13, 2022
marwej
Traefik HTTP/2 connections management could cause a denial of service High
CVE-2022-39271 was published for github.com/traefik/traefik/v2 (Go) Oct 10, 2022
XMLTooling Library Incorrectly Handles Some Exceptions High
CVE-2019-9628 was published for org.opensaml:xmltooling (Maven) May 13, 2022 withdrawn
njuneau-coveo twn
ProTip! Advisories are also available from the GraphQL API