GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
26 advisories
Filter by severity
An issue was discovered in linqi before 1.4.0.1 on Windows. There is LDAP injection.
Critical
Unreviewed
CVE-2024-33868
was published
May 14, 2024
Apache Zeppelin: LDAP search filter query Injection Vulnerability
Moderate
CVE-2024-31867
was published
for
org.apache.zeppelin:zeppelin-server
(Maven)
Apr 9, 2024
IBM Operational Decision Manager 8.10.3, 8.10.4, 8.10.5.1, 8.11, 8.11.0.1, and 8.12.0.1 could...
High
Unreviewed
CVE-2024-22319
was published
Feb 2, 2024
NVIDIA DGX A100 BMC contains a vulnerability where an attacker may cause an LDAP user injection....
Moderate
Unreviewed
CVE-2023-31025
was published
Jan 12, 2024
The optional "LDAP contacts provider" could be abused by privileged users to inject LDAP filter...
High
Unreviewed
CVE-2023-29050
was published
Jan 8, 2024
A vulnerability, which was classified as problematic, has been found in Jahastech NxFilter 4.3.2...
Moderate
Unreviewed
CVE-2023-6905
was published
Dec 18, 2023
Keycloak vulnerable to LDAP Injection on UsernameForm Login
Low
CVE-2022-2232
was published
for
org.keycloak:keycloak-ldap-federation
(Maven)
Nov 29, 2023
The Active Directory Integration / LDAP Integration plugin for WordPress is vulnerable to LDAP...
High
Unreviewed
CVE-2023-3447
was published
Jun 29, 2023
sssd: libsss_certmap fails to sanitise certificate data used in LDAP filters
High
Unreviewed
CVE-2022-4254
was published
Feb 1, 2023
A vulnerability, which was classified as problematic, has been found in hydrian TTRSS-Auth-LDAP....
Critical
Unreviewed
CVE-2015-10027
was published
Jan 7, 2023
Improper neutralization of special elements used in an LDAP query ('LDAP Injection')...
Moderate
Unreviewed
CVE-2022-45910
was published
Dec 7, 2022
camel-ldap component allows LDAP Injection when using the filter option
Critical
CVE-2022-45046
was published
for
org.apache.camel:camel-ldap
(Maven)
Dec 5, 2022
OneDev is a development operations platform. If the LDAP external authentication mechanism is...
Moderate
Unreviewed
CVE-2021-32651
was published
May 24, 2022
Cloud Foundry NFS Volume Service, 1.7.x versions prior to 1.7.11 and 2.x versions prior to 2.3.0,...
High
Unreviewed
CVE-2019-11277
was published
May 24, 2022
IBM Robotic Process Automation with Automation Anywhere 11 could allow a remote authenticated...
Moderate
Unreviewed
CVE-2019-4297
was published
May 24, 2022
EMC Isilon OneFS 8.0.0.0, EMC Isilon OneFS 7.2.1.0 - 7.2.1.2, EMC Isilon OneFS 7.2.0.x, EMC...
High
Unreviewed
CVE-2016-9870
was published
May 17, 2022
An issue was discovered on Accellion FTA devices before FTA_9_12_180. The home/seos/courier...
Critical
Unreviewed
CVE-2017-8790
was published
May 17, 2022
In Joomla! before 3.8.0, inadequate escaping in the LDAP authentication plugin can result in a...
Critical
Unreviewed
CVE-2017-14596
was published
May 17, 2022
VMware vCenter Server (6.5 prior to 6.5 U1 and 6.0 prior to 6.0 U3c) does not correctly handle...
High
Unreviewed
CVE-2017-4927
was published
May 17, 2022
html/admin/login.php in PacketFence before 3.0.2 allows remote attackers to conduct LDAP...
Critical
Unreviewed
CVE-2011-4069
was published
May 14, 2022
Improper Neutralization of Special Elements used in an LDAP Query in Jenkins
Critical
CVE-2016-9299
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
May 14, 2022
MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP...
Moderate
Unreviewed
CVE-2018-5730
was published
May 13, 2022
Improper Neutralization of Special Elements used in an LDAP Query in stevenweathers/thunderdome-planning-poker
High
CVE-2021-41232
was published
for
github.com/stevenweathers/thunderdome-planning-poker
(Go)
Nov 8, 2021
LDAP Injection in is-user-valid
High
CVE-2021-23335
was published
for
is-user-valid
(npm)
Apr 13, 2021
ProTip!
Advisories are also available from the
GraphQL API