GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
8,922 advisories
request_store has Incorrect Default Permissions
Moderate
CVE-2024-43791
was published
for
request_store
(RubyGems)
Aug 23, 2024
Mattermost Plugin Channel Export excessive resource consumption
Moderate
CVE-2024-43105
was published
for
github.com/mattermost/mattermost-plugin-channel-export
(Go)
Aug 23, 2024
Hono CSRF middleware can be bypassed using crafted Content-Type header
Moderate
CVE-2024-43787
was published
for
hono
(npm)
Aug 22, 2024
CWA-2024-006: wasmd non-deterministic module_query_safe query
Moderate
GHSA-fpgj-cr28-fvpx
was published
for
github.com/CosmWasm/wasmd
(Go)
Aug 21, 2024
Potential access to sensitive URLs via CKAN extensions (SSRF)
Moderate
CVE-2024-43371
was published
for
ckan
(pip)
Aug 21, 2024
CKAN has Cross-site Scripting vector in the Datatables view plugin
Moderate
CVE-2024-41675
was published
for
ckan
(pip)
Aug 21, 2024
CKAN may leak Solr credentials via error message in package_search action
Moderate
CVE-2024-41674
was published
for
ckan
(pip)
Aug 21, 2024
Ghost's improper authentication allows access to member information and actions
Moderate
CVE-2024-43409
was published
for
@tryghost/portal
(npm)
Aug 20, 2024
Khoj Vulnerable to Stored Cross-site Scripting In Automate (Preview feature)
Moderate
CVE-2024-43396
was published
for
khoj
(pip)
Aug 20, 2024
matrix-js-sdk will freeze when a user sets a room with itself as a its predecessor
Moderate
CVE-2024-42369
was published
for
matrix-js-sdk
(npm)
Aug 20, 2024
ProTip!
Advisories are also available from the
GraphQL API