Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

10 advisories

Loading
feathers-sequelize contains improper input validation leading to SQL injection Critical
CVE-2022-2422 was published for feathers-sequelize (npm) Oct 26, 2022
Churro
Feather-Sequelize cleanQuery method vulnerable to Prototype Pollution Critical
CVE-2022-29823 was published for feathers-sequelize (npm) Oct 26, 2022
Churro
feathers-sequelize vulnerable to SQL injection due to improper parameter filtering Critical
CVE-2022-29822 was published for feathers-sequelize (npm) Oct 26, 2022
Churro
JOSE vulnerable to resource exhaustion via specifically crafted JWE Moderate
CVE-2022-36083 was published for jose (npm) Sep 16, 2022
TomTervoort panva
Churro
Bootstrap vulnerable to Cross-Site Scripting (XSS) Moderate
CVE-2018-14040 was published for bootstrap (RubyGems) May 13, 2022
jhutchings1 stof
Churro tdunlap607 jenhae
CKEditor 4.0 vulnerability in the HTML Data Processor Moderate
CVE-2020-9281 was published for ckeditor4 (npm) May 7, 2021
Churro
Command Injection in Limdu Low
CVE-2020-4066 was published for limdu (npm) Jun 22, 2020
Churro
Potential XSS vulnerability in jQuery Moderate
CVE-2020-11022 was published for jquery (RubyGems) Apr 29, 2020
masatokinugawa Churro
Rudloff
xterm vulnerable to remote code execution High
CVE-2019-0542 was published for xterm (npm) Jan 14, 2019
Churro
Electron Vulnerable to Code Execution by Re-Enabling Node.js Integration High
CVE-2018-1000136 was published for electron (npm) Mar 26, 2018
Churro
ProTip! Advisories are also available from the GraphQL API