GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
1,296 advisories
Arbitrary Command Injection due to Improper Command Sanitization
Moderate
GHSA-hxwm-x553-x359
was published
for
@npmcli/git
(npm)
Aug 5, 2021
GovernorCompatibilityBravo incorrect ABI encoding may lead to unexpected behavior
Moderate
GHSA-m6w8-fq7v-ph4m
was published
for
@openzeppelin/contracts
(npm)
Jan 13, 2022
Inefficient Regular Expression Complexity in Validator.js
Moderate
GHSA-xx4c-jj58-r7x6
was published
for
validator
(npm)
Nov 19, 2021
Pannellum Cross-Site Scripting due to data not being sanitized for URIs or vbscript
Moderate
CVE-2019-16763
was published
for
pannellum
(npm)
Nov 22, 2019
Regular Expression Denial of Service in slug
Moderate
CVE-2017-16117
was published
for
slug
(npm)
Jul 24, 2018
Cleartext Transmission of Sensitive Information in moment-timezone
Moderate
GHSA-v78c-4p63-2j6c
was published
for
moment-timezone
(npm)
Aug 30, 2022
parse-server new anonymous user session acts as if it's created with password
Moderate
CVE-2021-39138
was published
for
parse-server
(npm)
Aug 23, 2021
ProTip!
Advisories are also available from the
GraphQL API