Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

986 advisories

Loading
Validation Bypass in schema-inspector Critical
CVE-2019-10781 was published for schema-inspector (npm) Jun 10, 2020
Context isolation bypass in Electron Low
CVE-2020-15215 was published for electron (npm) Oct 6, 2020
nornagon MarshallOfSound
After order payment process manipulation in shopware/platform and shopware/core Critical
GHSA-88rc-3p98-rgvx was published for shopware/core (Composer) Apr 13, 2021
Leak of information via Store-API aggregations in shopware/platform and shopware/core Critical
GHSA-qg7c-q3vq-rgxr was published for shopware/core (Composer) Apr 13, 2021
Java Merge-sort Insecure Temporary File vulnerability Moderate
CVE-2022-24913 was published for com.fasterxml.util:java-merge-sort (Maven) Jan 12, 2023
Apache Superset has Improper Access Control Moderate
CVE-2022-45438 was published for apache-superset (pip) Jan 16, 2023
OSGi applications using Vaadin 12-14 and 19 vulnerable to server classes and resources exposure High
CVE-2021-31407 was published for com.vaadin:flow-server (Maven) Apr 19, 2021
Elvish vulnerable to remote code execution via the web UI backend High
CVE-2021-41088 was published for github.com/elves/elvish (Go) Sep 23, 2021
OpenEMR v6.0.0 was discovered to contain an incorrect access control issue. Moderate Unreviewed
CVE-2022-25041 was published Mar 25, 2022
GE UR firmware versions prior to version 8.1x shares MODBUS memory map as part of the... Moderate Unreviewed
CVE-2021-27424 was published Mar 24, 2022
ProTip! Advisories are also available from the GraphQL API