GitHub Advisory Database
2,663 advisories
Information Disclosure and Broken Access Control in Backend Module
CVE-2020-25026 (Moderate severity) was published Sep 2, 2020 • derhansen/sf_event_mgt (Composer)

Prevent RCE when calling untrusted remote with CachingHttpClient
CVE-2020-15094 (High severity) was published Sep 2, 2020 • symfony/http-kernel (Composer)

Remote Memory Exposure in bl
CVE-2020-8244 (High severity) was published Sep 2, 2020 • bl (npm)

Command Injection in bestzip
GHSA-4qqc-mp5f-ccv4 (Critical severity) was published Sep 2, 2020 • bestzip (npm)

Improper Authorization in @sap-cloud-sdk/core
GHSA-r2vw-jgq9-jqx2 (High severity) was published Sep 3, 2020 • @sap-cloud-sdk/core (npm)

Cross-Site Scripting in bootstrap-select
GHSA-9r7h-6639-v5mw (High severity) was published Sep 3, 2020 • bootstrap-select (npm)

Cross-Site Scripting in @toast-ui/editor
GHSA-cr56-66mx-293v (High severity) was published Sep 3, 2020 • @toast-ui/editor (npm)

Malicious Package in m-backdoor
GHSA-vv52-3mrp-455m (Critical severity) was published Sep 3, 2020 • m-backdoor (npm)

Prototype Pollution in sds
CVE-2020-7618 (High severity) was published Sep 3, 2020 • sds (npm)

Buffer Overflow in node-weakauras-parser
GHSA-86mr-6m89-vgj3 (Moderate severity) was published Sep 3, 2020 • node-weakauras-parser (npm)

Prototype Pollution in utils-extend
CVE-2020-8147 (High severity) was published Sep 3, 2020 • utils-extend (npm)

Server-Side Request Forgery in @uppy/companion
CVE-2020-8135 (High severity) was published Sep 3, 2020 • @uppy/companion (npm)

Command Injection in node-rules
GHSA-8whr-v3gm-w8h9 (Critical severity) was published Sep 3, 2020 • node-rules (npm)

Cross-Site Scripting in htmr
GHSA-f8rq-m28h-8hxj (High severity) was published Sep 3, 2020 • htmr (npm)

Path Traversal in sapper
GHSA-f3vw-587g-r29g (Critical severity) was published Sep 3, 2020 • sapper (npm)

Cross-Site Scripting in lazysizes
GHSA-w4vp-3mq7-7v82 (High severity) was published Sep 3, 2020 • lazysizes (npm)

Command Injection in priest-runner
GHSA-9px9-f7jw-fwhj (Critical severity) was published Sep 3, 2020 • priest-runner (npm)

Improper Authorization in react-oauth-flow
GHSA-65m9-m259-7jqw (Critical severity) was published Sep 3, 2020 • react-oauth-flow (npm)

Cross-Site Scripting in ngx-md
GHSA-xr53-m937-jr9c (High severity) was published Sep 3, 2020 • ngx-md (npm)

Prototype Pollution in @commercial/subtext
GHSA-36c4-4r89-6whg (High severity) was published Sep 3, 2020 • @commercial/subtext (npm)

Denial of Service in @commercial/hapi
GHSA-66mv-xh68-h6v2 (High severity) was published Sep 3, 2020 • @commercial/hapi (npm)

Denial of Service in @hapi/hapi
GHSA-23vw-mhv5-grv5 (High severity) was published Sep 3, 2020 • @hapi/hapi (npm)

Denial of Service in hapi
GHSA-7hx8-2rxv-66xv (High severity) was published Sep 3, 2020 • hapi (npm)

Prototype Pollution in @hapi/subtext
GHSA-g9cg-h3jm-cwrc (High severity) was published Sep 3, 2020 • @hapi/subtext (npm)

Prototype Pollution in subtext
GHSA-g64q-3vg8-8f93 (High severity) was published Sep 3, 2020 • subtext (npm)
ProTip! Advisories are also available from the GraphQL API.