GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
172 advisories
Mattermost password hash disclosure vulnerability
Moderate
CVE-2023-5968
was published
for
github.com/mattermost/mattermost-server
(Go)
Nov 6, 2023
Moodle context freezing
Moderate
CVE-2019-3852
was published
for
moodle/moodle
(Composer)
May 13, 2022
TYPO3-EXT-SA-2022-018: Multiple vulnerabilities in extension "Master-Quiz" (fp_masterquiz)
Moderate
CVE-2022-47407
was published
for
fixpunkt/fp-masterquiz
(Composer)
Dec 14, 2022
Cross-site Scripting vulnerability in drag-and-drop upload of phpMyAdmin
Moderate
CVE-2023-25727
was published
for
phpmyadmin/phpmyadmin
(Composer)
Feb 13, 2023
Apache Storm Local Information Disclosure Vulnerability in Storm-core on Unix-Like systems due temporary files
Moderate
CVE-2023-43123
was published
for
org.apache.storm:storm-core
(Maven)
Nov 23, 2023
Regular expression denial-of-service in Django
Moderate
CVE-2024-27351
was published
for
django
(pip)
Mar 15, 2024
Denial-of-service possibility in logout() view by filling session store
Moderate
CVE-2015-5964
was published
for
Django
(pip)
May 17, 2022
Django data leakage via querystring manipulation in admin
Moderate
CVE-2014-0483
was published
for
Django
(pip)
May 14, 2022
Django cross-site scripting (XSS) attack via user-supplied redirect URLs
Moderate
CVE-2015-2317
was published
for
Django
(pip)
May 14, 2022
Django vulnerable to XSS on 500 pages
Moderate
CVE-2017-12794
was published
for
Django
(pip)
Jan 4, 2019
Django allows user sessions hijacking via an empty string in the session key
Moderate
CVE-2015-3982
was published
for
Django
(pip)
May 17, 2022
Django denial of service via empty session record creation
Moderate
CVE-2015-5963
was published
for
Django
(pip)
May 17, 2022
Django Cross-site scripting (XSS) vulnerability
Moderate
CVE-2008-2302
was published
for
django
(pip)
May 1, 2022
XML External Entity (XXE) in Django
Moderate
CVE-2013-1665
was published
for
Django
(pip)
May 17, 2022
XML Entity Expansion (XEE) in Django
Moderate
CVE-2013-1664
was published
for
Django
(pip)
May 17, 2022
Improper Input Validation in Apache POI
Moderate
CVE-2014-3574
was published
for
org.apache.poi:poi
(Maven)
May 17, 2022
Improper Authentication in Hibernate Validator
Moderate
CVE-2014-3558
was published
for
org.hibernate:hibernate-validator
(Maven)
May 14, 2022
Improper Restriction of XML External Entity Reference in Apache POI
Moderate
CVE-2014-3529
was published
for
org.apache.poi:poi
(Maven)
May 17, 2022
Improper Input Validation in Apache Tomcat
Moderate
CVE-2014-0227
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
ProTip!
Advisories are also available from the
GraphQL API