GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
1,172 advisories
In Gradio, the `enable_monitoring` flag set to `False` does not disable monitoring
Low
CVE-2024-47168
was published
for
gradio
(pip)
Oct 10, 2024
Elliptic's verify function omits uniqueness validation
Low
CVE-2024-48949
was published
for
elliptic
(npm)
Oct 10, 2024
Dozzle uses unsafe hash for passwords
Low
CVE-2024-47182
was published
for
github.com/amir20/dozzle
(Go)
Oct 9, 2024
Wasmtime race condition could lead to WebAssembly control-flow integrity and type safety violations
Low
CVE-2024-47813
was published
for
wasmtime
(Rust)
Oct 9, 2024
Denial of Service in TYPO3 Bookmark Toolbar
Low
CVE-2024-34537
was published
for
typo3/cms-backend
(Composer)
Oct 8, 2024
Information Disclosure in TYPO3 Page Tree
Low
CVE-2024-47780
was published
for
typo3/cms-backend
(Composer)
Oct 8, 2024
LibreNMS vulnerable to Stored Cross-site Scripting via File Upload
Low
CVE-2024-47528
was published
for
librenms/librenms
(Composer)
Oct 1, 2024
LibreNMS has Stored Cross-site Scripting vulnerability in "Alert Templates" feature
Low
CVE-2024-47526
was published
for
librenms/librenms
(Composer)
Oct 1, 2024
ReLaXed Cross-site Scripting vulnerability
Low
CVE-2024-9283
was published
for
relaxedjs
(npm)
Sep 27, 2024
Agnai vulnerable to Relative Path Traversal in Image Upload
Low
CVE-2024-47171
was published
for
agnai
(npm)
Sep 26, 2024
Agnai File Disclosure Vulnerability: JSON via Path Traversal
Low
CVE-2024-47170
was published
for
agnai
(npm)
Sep 26, 2024
Apache Hadoop: Temporary File Local Information Disclosure
Low
CVE-2024-23454
was published
for
org.apache.hadoop:hadoop-common
(Maven)
Sep 25, 2024
ProTip!
Advisories are also available from the
GraphQL API