GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
24,162 advisories
TYPO3 CMS vulnerable to Weak Authentication in Frontend Login
Moderate
CVE-2022-23501
was published
for
typo3/cms
(Composer)
Dec 13, 2022
TYPO3 HTML Sanitizer vulnerable to Cross-Site Scripting
Moderate
CVE-2022-23499
was published
for
typo3/cms
(Composer)
Dec 13, 2022
Apache CXF vulnerable to Exposure of Sensitive Information
High
CVE-2022-46363
was published
for
org.apache.cxf:cxf-core
(Maven)
Dec 13, 2022
json stack overflow vulnerability
High
CVE-2022-45688
was published
for
cn.hutool:hutool-json
(Maven)
Dec 13, 2022
linux-loader reading beyond EOF could lead to infinite loop
Low
CVE-2022-23523
was published
for
linux-loader
(Rust)
Dec 12, 2022
Sentry vulnerable to invite code reuse via cookie manipulation
Moderate
CVE-2022-23485
was published
for
sentry
(pip)
Dec 12, 2022
Netty vulnerable to HTTP Response splitting from assigning header value iterator
Moderate
CVE-2022-41915
was published
for
io.netty:netty-codec-http
(Maven)
Dec 12, 2022
SnakeYaml Constructor Deserialization Remote Code Execution
High
CVE-2022-1471
was published
for
org.yaml:snakeyaml
(Maven)
Dec 12, 2022
Protobuf Java vulnerable to Uncontrolled Resource Consumption
High
CVE-2022-3509
was published
for
com.google.protobuf:protobuf-java
(Maven)
Dec 12, 2022
Protobuf Java vulnerable to Uncontrolled Resource Consumption
High
CVE-2022-3510
was published
for
com.google.protobuf:protobuf-java
(Maven)
Dec 12, 2022
ProTip!
Advisories are also available from the
GraphQL API