GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
1,201 advisories
QOS.CH logback-core Server-Side Request Forgery vulnerability
Low
CVE-2024-12801
was published
for
ch.qos.logback:logback-core
(Maven)
Dec 19, 2024
SurrealDB has Silent Failure to Overwrite Table Definition of Relation Type
Low
GHSA-27vq-hv74-7cqp
was published
for
surrealdb
(Rust)
Dec 16, 2024
sigstore has insufficient validation of integration timestamp during verification
Low
CVE-2024-55655
was published
for
sigstore
(pip)
Dec 11, 2024
lxd CA certificate sign check bypass
Low
CVE-2024-6156
was published
for
github.com/canonical/lxd
(Go)
Dec 9, 2024
lxd has a restricted TLS certificate privilege escalation when in PKI mode
Low
CVE-2024-6219
was published
for
github.com/canonical/lxd
(Go)
Dec 9, 2024
shared_preferences_android vulnerability
Low
GHSA-3hpf-ff72-j67p
was published
for
shared_preferences_android
(Pub)
Dec 6, 2024
sigstore-java has a vulnerability with bundle verification
Low
CVE-2024-54140
was published
for
dev.sigstore:sigstore-java
(Maven)
Dec 5, 2024
PyJWT Issuer field partial matches allowed
Low
CVE-2024-53861
was published
for
PyJWT
(pip)
Dec 2, 2024
Password Policy Bypass Vulnerability in Fides Webserver User Accept Invite API
Low
CVE-2024-52008
was published
for
ethyca-fides
(pip)
Nov 26, 2024
ProTip!
Advisories are also available from the
GraphQL API