Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

87 advisories

Loading
Insert tag injection in the Contao login module Moderate
CVE-2019-19714 was published for contao/contao (Composer) Dec 17, 2019
Control character injection in console output in github.com/ipfs/go-ipfs Moderate
CVE-2020-26283 was published for github.com/ipfs/go-ipfs (Go) Jun 23, 2021
tintinweb
Misinterpretation of malicious XML input Moderate
CVE-2021-32796 was published for @xmldom/xmldom (npm) Aug 3, 2021
diptendur2c
Authentication Bypass by Alternate Name in Apache Tomcat Moderate
CVE-2021-30640 was published for org.apache.tomcat:tomcat (Maven) Aug 13, 2021
Apache Airavata Django Portal allows CRLF log injection because of lack of escaping log... Moderate Unreviewed
CVE-2021-43410 was published Dec 10, 2021
The Random Banner WordPress plugin is vulnerable to Stored Cross-Site Scripting due to... Moderate Unreviewed
CVE-2022-0210 was published Jan 19, 2022
IBM Cloud Pak for Automation 21.0.1 and 21.0.2 - Business Automation Studio Component is... Moderate Unreviewed
CVE-2021-29872 was published Jan 19, 2022
Path traversal in xwiki-platform-skin-skinx Moderate
CVE-2022-23620 was published for org.xwiki.platform:xwiki-platform-skin-skinx (Maven) Feb 9, 2022
Improper Output Neutralization and Improper Encoding or Escaping of Output for Logs in ansible Moderate
CVE-2020-14330 was published for ansible (pip) Feb 9, 2022
IBM Guardium Data Encryption (GDE) 4.0.0 and 5.0.0 prepares a structured message for... Moderate Unreviewed
CVE-2021-39027 was published May 7, 2022
Log value insertion in craftercms Moderate
CVE-2021-23266 was published for org.craftercms:craftercms (Maven) May 17, 2022
Cross-site Scripting in Jenkins Random String Parameter Plugin Moderate
CVE-2022-30966 was published for org.jenkins-ci.plugins:random-string-parameter (Maven) May 18, 2022
ProTip! Advisories are also available from the GraphQL API