GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

14 advisories

Validation Bypass in schema-inspector Critical
CVE-2019-10781 was published for schema-inspector (npm) Jun 10, 2020
After order payment process manipulation in shopware/platform and shopware/core Critical
GHSA-88rc-3p98-rgvx was published for shopware/core (Composer) Apr 13, 2021
Leak of information via Store-API aggregations in shopware/platform and shopware/core Critical
GHSA-qg7c-q3vq-rgxr was published for shopware/core (Composer) Apr 13, 2021
Insecure temporary file usage in SWHKD Critical
CVE-2022-27818 was published for Simple-Wayland-HotKey-Daemon (Rust) Apr 8, 2022
J3rry-1729
Exposure of Resource to Wrong Sphere in org.craftercms:crafter-search Critical
CVE-2021-23264 was published for org.craftercms:crafter-search (Maven) Dec 16, 2021
Creation of Temporary File in Directory with Insecure Permissions in the OpenAPI-Generator online generator Critical
CVE-2021-21428 was published for org.openapitools:openapi-generator-online (Maven) May 11, 2021
JLLeitschuh
globalpom-utils has Insecure Temporary File Critical
CVE-2018-25068 was published for com.anrisoftware.globalpom:globalpomutils (Maven) Jan 6, 2023
Exposure of sensitive information in Apache Ozone Critical
CVE-2021-39231 was published for org.apache.ozone:ozone-main (Maven) Nov 23, 2021
Exposure of Resource to Wrong Sphere in Zip-Local Critical
CVE-2021-23484 was published for zip-local (npm) Feb 1, 2022
CodenameOne Pending Intent vulnerability Critical
CVE-2022-4903 was published for com.codenameone:codenameone-core (Maven) Feb 10, 2023
Exposure of Resource to Wrong Sphere in Apache Tomcat Critical
CVE-2017-5648 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) May 13, 2022
sunSUNQ westonsteimel
Remote code execution in dask Critical
CVE-2021-42343 was published for dask (pip) Oct 27, 2021
Workers for local Dask clusters mistakenly listened on public interfaces Critical
GHSA-hwqr-f3v9-hwxr was published for distributed (pip) Jul 15, 2022
python-docutils allows insecure usage of temporary files Critical
CVE-2009-5042 was published for docutils (pip) Mar 13, 2020