GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
12 advisories
gurk (aka gurk-rs) mishandles ANSI escape sequences
Moderate
CVE-2025-30089
was published
for
gurk
(Rust)
Mar 17, 2025
Ed25519 Signature Malleability in ed25519-java Due to Missing Scalar Range Check
Moderate
CVE-2020-36843
was published
for
net.i2p.crypto:eddsa
(Maven)
Mar 13, 2025
Prototype Pollution Vulnerability in parse-git-config
High
CVE-2025-25975
was published
for
parse-git-config
(npm)
Mar 12, 2025
Apache MINA Deserialization RCE Vulnerability
Critical
CVE-2024-52046
was published
for
org.apache.mina:mina-core
(Maven)
Dec 25, 2024
GoCast OS Command Injection vulnerability
Critical
CVE-2024-28892
was published
for
github.com/mayuresh82/gocast
(Go)
Dec 20, 2024
Grafana Command Injection And Local File Inclusion Via Sql Expressions
Critical
CVE-2024-9264
was published
for
github.com/grafana/grafana
(Go)
Oct 18, 2024
KubeSphere IDOR vulnerability
Moderate
CVE-2024-46528
was published
for
github.com/kubesphere/kubesphere
(Go)
Oct 14, 2024
Path traversal vulnerability in functional web frameworks
High
CVE-2024-38816
was published
for
org.springframework:spring-webflux
(Maven)
Sep 13, 2024
Faktory Web Dashboard can lead to denial of service(DOS) via malicious user input
High
CVE-2023-37279
was published
for
github.com/contribsys/faktory
(Go)
Sep 20, 2023
grav Server-side Template Injection (SSTI) mitigation bypass
High
CVE-2023-37897
was published
for
getgrav/grav
(Composer)
Jul 19, 2023
1Panel command injection vulnerability in Firewall ip functionality
High
CVE-2023-37477
was published
for
github.com/1Panel-dev/1Panel
(Go)
Jul 18, 2023
1Panel vulnerable to command injection when entering the container terminal
Moderate
CVE-2023-36458
was published
for
github.com/1Panel-dev/1Panel
(Go)
Jul 5, 2023
ProTip!
Advisories are also available from the
GraphQL API