GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
434 advisories
Hostname spoofing via backslashes in URL
Moderate
CVE-2020-26291
was published
for
urijs
(npm)
Dec 30, 2020
ReDOS vulnerabities: multiple grammars
Moderate
GHSA-7wwv-vh3v-89cq
was published
for
@highlightjs/cdn-assets
(npm)
Dec 4, 2020
Ability to change order address without triggering address validations in solidus
Moderate
CVE-2020-15109
was published
for
solidus_api
(RubyGems)
Aug 4, 2020
Denial of Service in uap-core when processing crafted User-Agent strings
Moderate
CVE-2020-5243
was published
for
uap-core
(RubyGems)
Feb 20, 2020
Incorrect signature verification in SimpleSAMLphp
Moderate
CVE-2016-9955
was published
for
simplesamlphp/simplesamlphp
(Composer)
Jan 24, 2020
Improper Input Validation and Missing Authentication for Critical Function in Apache ActiveMQ
Moderate
CVE-2015-7559
was published
for
org.apache.activemq:activemq-client
(Maven)
Aug 1, 2019
ProTip!
Advisories are also available from the
GraphQL API