GitHub Advisory Database

2,067 advisories

Missing TLS certificate verification
CVE-2020-15133 (High severity) was published Jul 31, 2020 faye-websocket (RubyGems)
Missing TLS certificate verification
CVE-2020-15134 (High severity) was published Jul 31, 2020 faye (RubyGems)
Potential XSS vulnerability in Kitodo.Presentation
CVE-2020-16095 (Moderate severity) was published Jul 31, 2020 kitodo/presentation (Composer)
False-positive validity for NFT1 genesis transactions
CVE-2020-15131 (Critical severity) was published Jul 30, 2020 slp-validate (npm)
False-positive validity for NFT1 genesis transactions
CVE-2020-15130 (Critical severity) was published Jul 30, 2020 slpjs (npm)
Prototype Pollution in dot-prop
CVE-2020-8116 (High severity) was published Jul 29, 2020 dot-prop (npm)
Signature Malleability in elliptic
CVE-2020-13822 (High severity) was published Jul 29, 2020 elliptic (npm)
Server side template injection in Apache Camel
CVE-2020-11994 (Moderate severity) was published Jul 29, 2020 org.apache.camel:camel-robotframework (Maven)
Remote code execution in turn extension for TYPO3
CVE-2020-15515 (Moderate severity) was published Jul 29, 2020 marcwillmann/turn (Composer)
Incorrect access control in typo3_forum
CVE-2020-15513 (Moderate severity) was published Jul 29, 2020 mittwald/typo3_forum (Composer)
Directory traversal in rollup-plugin-server
CVE-2020-7686 (Moderate severity) was published Jul 29, 2020 rollup-plugin-server (npm)
Directory traversal in rollup-plugin-server
CVE-2020-7683 (Moderate severity) was published Jul 29, 2020 rollup-plugin-server (npm)
HTTP response splitting in uvicorn
CVE-2020-7695 (Moderate severity) was published Jul 29, 2020 uvicorn (pip)
Log injection in uvicorn
CVE-2020-7694 (Low severity) was published Jul 29, 2020 uvicorn (pip)
Insecure defaults in UmbracoForms
CVE-2020-7685 (Moderate severity) was published Jul 29, 2020 UmbracoForms (NuGet)
Authorization header is not sanitized in an error object
CVE-2020-15125 (High severity) was published Jul 29, 2020 auth0 (npm)
Potential Privilege Escalation
CVE-2020-15099 (High severity) was published Jul 29, 2020 typo3/cms-core (Composer)
Sensitive Information Disclosure
CVE-2020-15098 (High severity) was published Jul 29, 2020 typo3/cms-core (Composer)
Sensitive Information Disclosure in extension "Media Content Element" (mediace)
CVE-2020-15086 (High severity) was published Jul 29, 2020 friendsoftypo3/mediace (Composer)
Command Injection in git-tags-remote
GHSA-gm9x-q798-hmr4 (Critical severity) was published Jul 29, 2020 git-tags-remote (npm)
SQL Injection in Kylin
CVE-2020-1937 (Moderate severity) was published Jul 27, 2020 org.apache.kylin:kylin-server-base (Maven)
Command Injection in Kylin
CVE-2020-1956 (High severity) was published Jul 27, 2020 org.apache.kylin:kylin-core-common (Maven)
SQL Injection in Kylin
CVE-2020-13926 (High severity) was published Jul 27, 2020 org.apache.kylin:kylin-server-base (Maven)
Command Injection in Kylin
CVE-2020-13925 (High severity) was published Jul 27, 2020 org.apache.kylin:kylin-server-base (Maven)
Out-of-bounds reads in Pillow
CVE-2020-10177 (Moderate severity) was published Jul 27, 2020 Pillow (pip)