GitHub Advisory Database

1,792 advisories

Possible XSS vulnerability in ActionView
CVE-2020-5267 (Moderate severity) was published Mar 19, 2020 actionview (RubyGems)
GitHub personal access token leaking into temporary EasyBuild (debug) logs
CVE-2020-5262 (High severity) was published Mar 19, 2020 easybuild-framework (pip)
Insufficient Nonce Validation in Client
CVE-2019-19135 (Moderate severity) was published Mar 16, 2020 org.eclipse.milo:sdk-client (Maven)
Potential buffer overflow
CVE-2020-10571 (Moderate severity) was published Mar 16, 2020 psd-tools (pip)
2FA bypass through deleting devices
CVE-2020-5240 (High severity) was published Mar 13, 2020 wagtail-2fa (pip)
Sort order SQL injection
CVE-2020-5257 (High severity) was published Mar 13, 2020 administrate (RubyGems)
ESLint dependencies are vulnerable (ReDoS and Prototype Pollution)
CVE-2020-7598 (Moderate severity) was published Mar 13, 2020 acorn (npm)
Remote Code Execution Through Image Uploads
CVE-2020-5256 (High severity) was published Mar 13, 2020 ssddanbrown/bookstack (Composer)
python-gnupg allows context-dependent attackers to trick gnupg to decrypt other ciphertext than intended
CVE-2019-6690 (Moderate severity) was published Mar 13, 2020 python-gnupg (pip)
python-docutils allows insecure usage of temporary files
CVE-2009-5042 (High severity) was published Mar 13, 2020 docutils (pip)
Double Free in psutil
CVE-2019-18874 (Moderate severity) was published Mar 12, 2020 psutil (pip)
Improper Access Control in novajoin
CVE-2019-10138 (High severity) was published Mar 12, 2020 novajoin (pip)
Incorrect Default Permissions in keyring
CVE-2012-5577 (High severity) was published Mar 11, 2020 keyring (pip)
Link Following in rply
CVE-2014-1938 (Moderate severity) was published Mar 11, 2020 rply (pip)
Incorrect Default Permissions in keyring
CVE-2012-5578 (Moderate severity) was published Mar 10, 2020 keyring (pip)
Insufficient Verification of Data Authenticity in python-keystoneclient
CVE-2013-2167 (High severity) was published Mar 10, 2020 python-keystoneclient (pip)
Prototype Pollution
CVE-2020-5259 (Low severity) was published Mar 10, 2020 dojox (npm)
Prototype pollution
CVE-2020-5258 (High severity) was published Mar 10, 2020 dojo (npm)
Denial of Service in uap-core <=0.7.2 when processing crafted User-Agent strings
GHSA-pcqq-5962-hvcw (High severity) was published Mar 10, 2020 user_agent_parser (RubyGems)
Improper Authentication in requests-kerberos
CVE-2014-8650 (Critical severity) was published Mar 10, 2020 requests-kerberos (pip)
2018-11-16 Phar object injection
CVE-2018-19296 (High severity) was published Mar 5, 2020 phpmailer/phpmailer (Composer)
2017-01-09 Local file disclosure
CVE-2017-5223 (Low severity) was published Mar 5, 2020 phpmailer/phpmailer (Composer)
2017-07-20 Cross-site scripting
CVE-2017-11503 (Low severity) was published Mar 5, 2020 phpmailer/phpmailer (Composer)
2016-12-30 Remote code execution
CVE-2016-10045 (Critical severity) was published Mar 5, 2020 phpmailer/phpmailer (Composer)
2016-12-30 Remote code execution
CVE-2016-10033 (Critical severity) was published Mar 5, 2020 phpmailer/phpmailer (Composer)
ProTip! Advisories are also available from the GraphQL API.