GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

20,228 advisories

Directory traversal in pyftpdlib Moderate
CVE-2008-7262 was published for pyftpdlib (pip) May 17, 2022
TYPO3 cross-site scripting (XSS) vulnerability in the RemoveXSS function and the backend Moderate
CVE-2010-3715 was published for typo3/cms-backend (Composer) May 17, 2022
Improper Authentication in Apache MyFaces Moderate
CVE-2010-2057 was published for org.apache.myfaces.core:myfaces-impl (Maven) May 17, 2022
Cobbler is vulnerable to code injection High
CVE-2010-2235 was published for cobbler (pip) May 17, 2022
Paste is vulnerable to Cross-site Scripting via vectors involving a 404 status code Moderate
CVE-2010-2477 was published for paste (pip) May 17, 2022
Drools Improper Input Validation vulnerability allows remote attackers to execute arbitrary code in JBoss EAP High
CVE-2010-3708 was published for org.drools:drools-core (Maven) May 17, 2022
CakePHP allows remote attackers to modify internal Cake cache and execute arbitrary code High
CVE-2010-4335 was published for cakephp/cakephp (Composer) May 17, 2022
Zope Object Database Denial of Service vulnerability Moderate
CVE-2010-3495 was published for zodb3 (pip) May 17, 2022
phpMyAdmin unsafely handles temporary files High
CVE-2008-7252 was published for phpmyadmin/phpmyadmin (Composer) May 17, 2022
PyWebDAV SQL Injection vulnerability High
CVE-2011-0432 was published for pywebdav (pip) May 17, 2022
Apache Struts Multiple XSS Vulnerabilities Moderate
CVE-2011-2087 was published for org.apache.struts:struts2-parent (Maven) May 17, 2022
Plone XSS Vulnerability Moderate
CVE-2011-1340 was published for plone (pip) May 17, 2022
Fabric vulnerable to symlink attack on tmp files Moderate
CVE-2011-2185 was published for fabric (pip) May 17, 2022
Apache Libcloud does not verify SSL certificates for HTTPS connections High
CVE-2010-4340 was published for apache-libcloud (pip) May 17, 2022
Exposure of Sensitive Information to an Unauthorized Actor in Apache HttpClient Moderate
CVE-2011-1498 was published for org.apache.httpcomponents:httpclient (Maven) May 17, 2022
Zope Command Execution Vulnerability High
CVE-2011-3587 was published for zope2 (pip) May 17, 2022
OWASP HTML Sanitizer allows redirecting to an arbitrary URL when JavaScript is disabled Low
CVE-2011-4457 was published for com.googlecode.owasp-java-html-sanitizer:owasp-java-html-sanitizer (Maven) May 17, 2022
Celery local privilege escalation vulnerability Moderate
CVE-2011-4356 was published for celery (pip) May 17, 2022
Denial of Service in Apache ActiveMQ Moderate
CVE-2011-4905 was published for org.apache.activemq:activemq-core (Maven) May 17, 2022
Cross-site Scripting in Apache Struts Low
CVE-2011-1772 was published for org.apache.struts:struts2-core (Maven) May 17, 2022
Virtualenv Allows Symlink Attack on /tmp/ Low
CVE-2011-4617 was published for virtualenv (pip) May 17, 2022
phpMyAdmin Open Redirect in redirector Moderate
CVE-2011-1941 was published for phpmyadmin/phpmyadmin (Composer) May 17, 2022
Apache Tomcat Exposes IP Addresses and HTTP Headers of Requests Moderate
CVE-2011-3375 was published for org.apache.tomcat:tomcat (Maven) May 17, 2022
Ejabberd DoS via malformed stanza Moderate
CVE-2011-4320 was published for ejabberd (Erlang) May 17, 2022