Skip to content

GitHub Advisory Database

1,984 advisories

Potential timing attack on apps using basic authentication
CVE-2020-4071 (Low severity) was published Jun 23, 2020 django-basic-auth-ip-whitelist (pip)
Regular expression denial of service in url-regex
CVE-2020-7661 (Moderate severity) was published Jun 22, 2020 url-regex (npm)
Cross site scripting in Angular
CVE-2020-7676 (Low severity) was published Jun 18, 2020 angular (npm)
Deserialization of untrusted data in Jackson Databind
CVE-2020-14061 (High severity) was published Jun 18, 2020 com.fasterxml.jackson.core:jackson-databind (Maven)
Deserialization of untrusted data in Jackson Databind
CVE-2020-14062 (High severity) was published Jun 18, 2020 com.fasterxml.jackson.core:jackson-databind (Maven)
Deserialization of untrusted data in Jackson Databind
CVE-2020-14060 (High severity) was published Jun 18, 2020 com.fasterxml.jackson.core:jackson-databind (Maven)
Deserialization of untrusted data in Jackson Databind
CVE-2020-14195 (Moderate severity) was published Jun 18, 2020 com.fasterxml.jackson.core:jackson-databind (Maven)
Command injection security issue
CVE-2020-4059 (High severity) was published Jun 18, 2020 mversion (npm)
command injection
CVE-2020-4066 (Low severity) was published Jun 22, 2020 limdu (npm)
HTML sanitization bypass in Sanitize
CVE-2020-4054 (High severity) was published Jun 16, 2020 sanitize (RubyGems)
XSS in dijit/editor
CVE-2020-4051 (Low severity) was published Jun 15, 2020 dijit (npm)
Denial of Service in Tomcat
CVE-2019-0199 (Moderate severity) was published Jun 15, 2020 org.apache.tomcat.embed:tomcat-embed-core (Maven)
Improper Input Validation in Tomcat
CVE-2020-1938 (High severity) was published Jun 15, 2020 org.apache.tomcat.embed:tomcat-embed-core (Maven)
Denial of service in Apache Xerces2
CVE-2009-2625 (Moderate severity) was published Jun 15, 2020 xerces:xercesImpl (Maven)
Denial of service in Apache Xerces2
CVE-2012-0881 (Low severity) was published Jun 15, 2020 xerces:xercesImpl (Maven)
Improper Input Validation in jackson-databind
CVE-2019-17267 (Critical severity) was published Jun 15, 2020 com.fasterxml.jackson.core:jackson-databind (Maven)
Deserialization of Untrusted Data
CVE-2018-12023 (High severity) was published Jun 15, 2020 com.fasterxml.jackson.core:jackson-databind (Maven)
Deserialization of Untrusted Data in jackson-databind
CVE-2018-12022 (High severity) was published Jun 15, 2020 com.fasterxml.jackson.core:jackson-databind (Maven) • withdrawn
SSB-DB#get() is decrypting messages by default
CVE-2020-4045 (High severity) was published Jun 11, 2020 ssb-db (npm)
Insufficient Entropy in Spring Security
CVE-2020-5408 (Moderate severity) was published Jun 15, 2020 org.springframework.security:spring-security-core (Maven)
Denial of Service in Spring Framework
CVE-2018-15756 (High severity) was published Jun 15, 2020 org.springframework:spring-core (Maven)
Denial of Service in Netty
CVE-2020-11612 (High severity) was published Jun 15, 2020 io.netty:netty-handler (Maven)
Privilege Escalation in Hibernate Validator
CVE-2017-7536 (High severity) was published Jun 15, 2020 org.hibernate:hibernate-validator (Maven)
Denial of Service in Google Guava
CVE-2018-10237 (Moderate severity) was published Jun 15, 2020 com.google.guava:guava (Maven)
Insecure Deserialization in Apache Commons Collection
CVE-2015-6420 (High severity) was published Jun 15, 2020 commons-collections:commons-collections (Maven)
ProTip! Advisories are also available from the GraphQL API.
You can’t perform that action at this time.