GitHub Advisory Database
2,858 advisories
Filter by severity
Lack of URL normalization may lead to authorization bypass when URL access rules are used
CVE-2020-24660
(High severity)
was published Sep 9, 2020
•
lemonldap-ng-handler
(npm)
Invalid root may become trusted root
CVE-2020-15163
(Low severity)
was published Sep 9, 2020
•
tuf
(pip)
Validation bypass vulnerability
GHSA-2p6g-gjp8-ggg9
(Low severity)
was published Sep 9, 2020
•
personnummer
(Composer)
Validation bypass vulnerability
GHSA-qv8q-v995-72gr
(Low severity)
was published Sep 9, 2020
•
personnummer
(NuGet)
Validation bypass vulnerability
GHSA-rxq3-5249-8hgg
(Low severity)
was published Sep 9, 2020
•
personnummer
(pip)
Validation bypass vulnerability
GHSA-vpgc-7h78-gx8f
(Low severity)
was published Sep 4, 2020
•
personnummer
(npm)
Information Disclosure and Broken Access Control in Backend Module
CVE-2020-25026
(Moderate severity)
was published Sep 2, 2020
•
derhansen/sf_event_mgt
(Composer)
Prevent RCE when calling untrusted remote with CachingHttpClient
CVE-2020-15094
(High severity)
was published Sep 2, 2020
•
symfony/http-kernel
(Composer)
Remote Memory Exposure in bl
CVE-2020-8244
(High severity)
was published Sep 2, 2020
•
bl
(npm)
Command Injection in bestzip
GHSA-4qqc-mp5f-ccv4
(Critical severity)
was published Sep 2, 2020
•
bestzip
(npm)
Improper Authorization in @sap-cloud-sdk/core
GHSA-r2vw-jgq9-jqx2
(High severity)
was published Sep 3, 2020
•
@sap-cloud-sdk/core
(npm)
Remote Code Execution in next
GHSA-5vj8-3v2h-h38v
(High severity)
was published Sep 4, 2020
•
next
(npm)
Cross-Site Scripting in bootstrap-select
GHSA-9r7h-6639-v5mw
(High severity)
was published Sep 3, 2020
•
bootstrap-select
(npm)
Cross-Site Scripting in @toast-ui/editor
GHSA-cr56-66mx-293v
(High severity)
was published Sep 3, 2020
•
@toast-ui/editor
(npm)
DLL Injection in kerberos
GHSA-m2mx-rfpw-jghv
(High severity)
was published Sep 4, 2020
•
kerberos
(npm)
Regular Expression Denial of Service in papaparse
GHSA-qvjc-g5vr-mfgr
(High severity)
was published Sep 4, 2020
•
papaparse
(npm)
Malicious Package in m-backdoor
GHSA-vv52-3mrp-455m
(Critical severity)
was published Sep 3, 2020
•
m-backdoor
(npm)
Prototype Pollution in sds
CVE-2020-7618
(High severity)
was published Sep 3, 2020
•
sds
(npm)
Buffer Overflow in node-weakauras-parser
GHSA-86mr-6m89-vgj3
(Moderate severity)
was published Sep 3, 2020
•
node-weakauras-parser
(npm)
Prototype Pollution in utils-extend
CVE-2020-8147
(High severity)
was published Sep 3, 2020
•
utils-extend
(npm)
Server-Side Request Forgery in @uppy/companion
CVE-2020-8135
(High severity)
was published Sep 3, 2020
•
@uppy/companion
(npm)
Prototype Pollution in yargs-parser
GHSA-p9pc-299p-vxgp
(Low severity)
was published Sep 4, 2020
•
yargs-parser
(npm)
Command Injection in node-rules
GHSA-8whr-v3gm-w8h9
(Critical severity)
was published Sep 3, 2020
•
node-rules
(npm)
Cross-Site Scripting in htmr
GHSA-f8rq-m28h-8hxj
(High severity)
was published Sep 3, 2020
•
htmr
(npm)
Path Traversal in sapper
GHSA-f3vw-587g-r29g
(Critical severity)
was published Sep 3, 2020
•
sapper
(npm)
ProTip! Advisories are also available from the
GraphQL API.