Browse Security Advisories
Low Security Advisories for github.com/cosmos/ibc-go/v7 Clear Filters
Low
almost 5 years ago
Lack of validation in data format attributes in TensorFlow
pypi
tensorflow-gpu, tensorflow-cpu, tensorflow
Low
almost 5 years ago
UNEDITABLE_SCHEMAS and UNEDITABLE_TABLE_DESCRIPTION_MATCH_RULES not respected by frontend service backend
pypi
amundsen-frontend
Low
almost 5 years ago
datasette-graphql leaks details of the schema of private database files
pypi
datasette-graphql
Low
almost 5 years ago
Stored XSS by authenticated backend user with access to upload files
packagist
october/backend
Low
almost 5 years ago
Privilege escalation by backend users assigned to the default "Publisher" system role
packagist
october/backend
Low
almost 5 years ago
Edit feed settings and others, Cross Site Scripting(XSS) Vulnerability in Latest Release 4.4.0
packagist
baserproject/basercms
Low
almost 5 years ago
Blog comment posting, Cross Site Scripting(XSS) Vulnerability in Latest Release 4.4.0
packagist
baserproject/basercms
Low
almost 5 years ago
Denial of Service via Cache Flooding
packagist
shopware/core, shopware/platform
Low
almost 5 years ago
Regular Expression Denial of Service in npm-user-validate
npm
npm-user-validate
Low
almost 5 years ago
Memory exhaustion in http4s-async-http-client with large or malicious compressed responses
maven
org.http4s:http4s-async-http-client_2.12, org.http4s:http4s-async-http-client_2.13
Low
almost 5 years ago
Directory Traversal vulnerability in GET/PUT allows attackers to Disclose Information or Write Files via a crafted GET/PUT request
pypi
xmpp-http-upload
Low
about 5 years ago
Buffer overflow in deprecated USB HALs and stack overflow in USB enumeration
pypi
cryptoauthlib
Low
about 5 years ago
Non-persistent XSS in the Storefront in Shopware
packagist
shopware/core, shopware/platform
Low
about 5 years ago
RCE in Third Party Library in Shopware
packagist
shopware/core, shopware/platform
Low
about 5 years ago
personnummer/java vulnerable to Improper Input Validation
maven
dev.personnummer:personnummer
Low
about 5 years ago
personnummer/ruby vulnerable to Improper Input Validation
rubygems
personnummer
Low
about 5 years ago
Users with SCRIPT right can execute arbitrary code in XWiki
maven
org.xwiki.platform:xwiki-platform-oldcore
Low
about 5 years ago
The `size` option isn't honored after following a redirect in node-fetch
npm
node-fetch
Low
about 5 years ago
personnummer/csharp vulnerable to Improper Input Validation
nuget
personnummer
Low
about 5 years ago
personnummer/php vulnerable to Improper Input Validation
packagist
personnummer/personnummer
Low
about 5 years ago
methodOverride Middleware Reflected Cross-Site Scripting in connect
npm
connect
Low
about 5 years ago
Cross Site Scripting(XSS) Vulnerability in Latest Release 4.3.6 Site basic settings
packagist
baserproject/basercms
Low
about 5 years ago
XSS in Mapfish Print relating to JSONP support
maven
org.mapfish.print:print-standalone, org.mapfish.print:print-servlet, org.mapfish.print:print-lib
Low
over 5 years ago
Improper validation of certificate with host mismatch in Apache Log4j SMTP appender
maven
org.apache.logging.log4j:log4j-core, org.apache.logging.log4j:log4j
Low
over 5 years ago
Information disclosure of source code in SimpleSAMLphp
packagist
simplesamlphp/simplesamlphp
Low
over 5 years ago
Prevent cache poisoning via a Response Content-Type header in Symfony
packagist
symfony/symfony
Low
over 5 years ago
Vyper interfaces returning integer types less than 256 bits can be manipulated if uint256 is used
pypi
vyper
Low
over 5 years ago
Ability to switch channels via GET parameter enabled in production environments
packagist
sylius/sylius
Low
over 5 years ago
Password Hashing: Do not use MD5
maven
org.opencastproject:opencast-common-jpa-impl
Low
over 5 years ago
Segmentation faultin TensorFlow when converting a Python string to `tf.float16`
pypi
tensorflow-gpu, tensorflow-cpu, tensorflow
Low
over 5 years ago
Request smuggling is possible when both chunked TE and content length specified
maven
io.ktor:ktor-server-cio, io.ktor:ktor-client-cio
Low
almost 6 years ago
Heap buffer overflow in `UnsortedSegmentSum` in TensorFlow
pypi
tensorflow-gpu, tensorflow-cpu, tensorflow
Low
almost 6 years ago
Internal exception message exposure for login action in Sylius
packagist
sylius/sylius
Low
almost 6 years ago
SilverStripe Priviledge escalation through cache pollution
packagist
silverstripe/framework
Low
almost 6 years ago
Malicious URL drafting attack against iodines static file server may allow path traversal
rubygems
iodine
Low
over 6 years ago
express-basic-auth Timing Attack due to native string comparison instead of constant time string comparison
npm
express-basic-auth
Low
over 6 years ago
ircdkit vulnerable to Denial of Service due to unhandled connection end event
npm
ircdkit
Filter by Severity
Filter by Ecosystem
pypi
513
maven
360
packagist
320
go
236
npm
232
nuget
116
cargo
108
rubygems
59
hex
6
actions
3
swift
2
pub
2
Filter by Package
tensorflow
105
tensorflow-cpu
100
tensorflow-gpu
96
moodle/moodle
34
github.com/mattermost/mattermost/server/v8
33
org.jenkins-ci.main:jenkins-core
19
concrete5/concrete5
16
magento/community-edition
14
shopware/platform
13
typo3/cms
13
phpmyadmin/phpmyadmin
13
vyper
12
org.opencms:opencms-core
11
shopware/core
11
github.com/mattermost/mattermost-server
10
magento/project-community-edition
10
org.apache.tomcat:tomcat
9
ethyca-fides
9
silverstripe/framework
8
nova
8
Umbraco.CMS
7
undici
7
wasmtime
7
typo3/cms-core
7
symfony/symfony
6
github.com/cilium/cilium
6
org.keycloak:keycloak-services
6
k8s.io/kubernetes
6
puppet
6
Magick.NET-Q16-HDRI-OpenMP-x64
5
Magick.NET-Q16-HDRI-x64
5
Magick.NET-Q16-OpenMP-arm64
5
Magick.NET-Q16-OpenMP-x64
5
Magick.NET-Q16-x64
5
actionpack
5
sweetalert2
5
Magick.NET-Q16-arm64
5
Magick.NET-Q16-HDRI-arm64
5
Magick.NET-Q16-HDRI-OpenMP-arm64
5
ansible
5
Magick.NET-Q8-OpenMP-arm64
5
Magick.NET-Q8-OpenMP-x64
5
rails-html-sanitizer
5
rack
5
october/backend
5
baserproject/basercms
5
next
5
elliptic
5
Magick.NET-Q8-x64
4
shopware/shopware
4
electron
4
Magick.NET-Q16-HDRI-x86
4
Magick.NET-Q16-AnyCPU
4
microweber/microweber
4
Magick.NET-Q16-HDRI-AnyCPU
4
helm.sh/helm/v3
4
cryptography
4
vantage6
4
github.com/mattermost/mattermost-server/v6
4
Magick.NET-Q16-x86
4
simplesamlphp/simplesamlphp
4
Magick.NET-Q8-AnyCPU
4
Magick.NET-Q8-arm64
4
github.com/hashicorp/vault
4
github.com/authzed/spicedb
4
helm.sh/helm
4
com.vaadin:flow-server
4
zenml
4
typo3/cms-install
3
github.com/cosmos/cosmos-sdk
3
org.graylog2:graylog2-server
3
twig/twig
3
typo3/cms-backend
3
aiohttp
3
apache-airflow
3
Magick.NET-Q8-x86
3
go.etcd.io/etcd/v3
3
mattermost-desktop
3
angular
3
django
3
node-forge
3
aws-cdk-lib
3
github.com/grafana/grafana
3
gradio
3
@openzeppelin/contracts-upgradeable
3
keystone
3
langchain
3
bin-links
3
github.com/docker/docker
3
matrix-synapse
3
nautobot
3
org.apache.hive:hive-exec
3
com.vaadin:vaadin-bom
3
directus
3
ckb
3
github.com/canonical/lxd
3
librenms/librenms
3
sudo-rs
3
october/system
3
surrealdb
3
nokogiri
3
passenger
3
risc0-zkvm
3
braces
2
org.jenkins-ci.plugins:repository-connector
2
MaterialX
2
org.eclipse.jetty:jetty-servlets
2
dolibarr/dolibarr
2
org.jenkins-ci.plugins:bigpanda-jenkins
2
drupal/core
2
org.apache.hadoop:hadoop-common
2
drupal/drupal
2
org.apache.hive:hive
2
@keystone-6/core
2
github.com/cometbft/cometbft
2
org.apache.hive:hive-service
2
admidio/admidio
2
org.jenkins-ci.plugins:artifactory
2
Nova
2
OctoPrint
2
s2n-quic
2
send
2
Umbraco.Forms
2
ezsystems/ezplatform-kernel
2
ezsystems/ezpublish-kernel
2
org.keycloak:keycloak-ldap-federation
2
plone
2
s2n-tls
2
org.jenkins-ci.plugins:mercurial
2
vite
2
hackney
2
@apollo/server
2
org.jenkins-ci.plugins:ec2
2
dbt-core
2
python-keystoneclient
2
com.xuxueli:xxl-job-core
2
gilacms/gila
2
next-auth
2
grumpydictator/firefly-iii
2
com.xuxueli:xxl-sso
2
cargo
2
@eslint/plugin-kit
2
salt
2
express
2
serve-static
2
github.com/answerdev/answer
2
shescape
2
agnai
2
org.jenkins-ci.plugins:ghprb
2
joomla/joomla-cms
2
org.apache.activemq:activemq-parent
2
tools.devnull:build-notifications
2
github.com/authelia/authelia/v4
2
juzaweb/cms
2
github.com/nats-io/nats-server/v2
2
transformers
2
tuf
2
upsonic
2
ceph-deploy
2
vantage6-server
2
vllm
2
sequoia-openpgp
2
leantime/leantime
2
github.com/goharbor/harbor
2
wagtail
2
weblate
2
Weblate
2
vaultwarden
2
github.com/apache/incubator-answer
2
tokio
2
matrix-appservice-irc
2
github.com/ntbosscher/gobase
2
apache-airflow-providers-fab
2
Zope
2
github.com/containerd/containerd
2
yeswiki/yeswiki
2
mautic/core
2
winter/wn-backend-module
2
github.com/1Panel-dev/1Panel
2
@sveltejs/kit
2
typo3/cms-frontend
2
tribalsystems/zenario
2
fiora
2
github.com/mattermost/mattermost-plugin-confluence
2
go.etcd.io/etcd/client/v3
2
october/cms
2
october/october
2
github.com/traefik/traefik/v2
2
github.com/Ackites/KillWxapkg
2
com.inedo.proget:inedo-proget
2
github.com/mutagen-io/mutagen
2
risc0-circuit-rv32im
2
@lodestar/reqresp
2
org.apache.tomcat:tomcat-catalina
2
Flask-Security-Too
2
freewvs
2
glance
2
org.xwiki.platform:xwiki-platform-oldcore
2
org.eclipse.jetty:jetty-server
2
com.ruoyi:ruoyi
2
Filter by Repository
https://github.com/tensorflow/tensorflow
105
https://github.com/moodle/moodle
19
https://github.com/concretecms/concretecms
14
https://github.com/vyperlang/vyper
12
https://github.com/TYPO3/typo3
12
https://github.com/shopware/platform
12
https://github.com/mattermost/mattermost
12
https://github.com/octobercms/october
10
https://github.com/openstack/nova
10
https://github.com/ethyca/fides
9
https://github.com/alkacon/opencms-core
9
https://github.com/etcd-io/etcd
8
https://github.com/umbraco/Umbraco-CMS
8
https://github.com/VulnSageAgent/PoCs
8
https://github.com/keycloak/keycloak
8
https://github.com/jenkinsci/jenkins
8
https://github.com/bytecodealliance/wasmtime
8
https://github.com/eclipse/jetty.project
7
https://github.com/xwiki/xwiki-platform
7
https://github.com/symfony/symfony
7
https://github.com/phpmyadmin/phpmyadmin
7
https://github.com/nodejs/undici
7
https://github.com/kubernetes/kubernetes
7
https://github.com/rails/rails
6
https://github.com/ansible/ansible
6
https://github.com/apache/airflow
6
https://github.com/apache/tomcat
6
https://github.com/cilium/cilium
6
https://github.com/vantage6/vantage6
6
https://github.com/liferay/liferay-portal
6
https://github.com/baserproject/basercms
5
https://github.com/silverstripe/silverstripe-framework
5
https://github.com/ImageMagick/ImageMagick
5
https://github.com/puppetlabs/puppet
5
https://github.com/vercel/next.js
5
https://github.com/helm/helm
5
https://github.com/rack/rack
5
https://github.com/rails/rails-html-sanitizer
5
https://github.com/sweetalert2/sweetalert2
5
https://github.com/indutny/elliptic
5
https://github.com/shopware/shopware
5
https://github.com/electron/electron
4
https://github.com/WeblateOrg/weblate
4
https://github.com/vaadin/platform
4
https://github.com/wintercms/winter
4
https://github.com/authzed/spicedb
4
https://github.com/simplesamlphp/simplesamlphp
4
https://github.com/pyca/cryptography
4
https://github.com/risc0/risc0
3
https://github.com/nautobot/nautobot
3
https://github.com/matrix-org/synapse
3
https://github.com/Graylog2/graylog2-server
3
https://github.com/surrealdb/surrealdb
3
https://github.com/cometbft/cometbft
3
https://github.com/openstack/keystone
3
https://gitlab.com/sequoia-pgp/sequoia
3
https://github.com/digitalbazaar/forge
3
https://github.com/aio-libs/aiohttp
3
https://github.com/cosmos/cosmos-sdk
3
https://github.com/aws/aws-cdk
3
https://github.com/zenml-io/zenml
3
https://github.com/bcgit/bc-java
3
https://github.com/twigphp/Twig
3
https://github.com/librenms/librenms
3
https://github.com/django/django
3
https://github.com/phusion/passenger
3
https://sourceforge.net/projects/phpmyadmin.sourceforge.net
3
https://github.com/canonical/lxd
3
https://github.com/directus/directus
3
https://github.com/sparklemotion/nokogiri
3
https://github.com/Byron/gitoxide
3
https://github.com/nervosnetwork/ckb
3
https://github.com/CVEProject/cvelist
3
https://github.com/moby/moby
3
https://github.com/vaadin/flow
3
https://github.com/sigstore/cosign
2
https://github.com/vitejs/vite
2
https://github.com/parse-community/parse-server
2
https://github.com/Cyber-Wo0dy/report
2
https://github.com/sveltejs/kit
2
https://github.com/ChainSafe/lodestar
2
https://github.com/xuxueli/xxl-job
2
https://github.com/theupdateframework/python-tuf
2
https://github.com/wagtail/wagtail
2
https://github.com/Leantime/leantime
2
https://github.com/jenkinsci/ec2-plugin
2
https://github.com/apache/kylin
2
https://github.com/OpenZeppelin/openzeppelin-contracts
2
https://github.com/Sylius/Sylius
2
https://github.com/hashicorp/nomad
2
https://github.com/huggingface/transformers
2
https://github.com/trifectatechfoundation/sudo-rs
2
https://github.com/craftcms/cms
2
https://github.com/Upsonic/Upsonic
2
https://github.com/micromatch/braces
2
https://github.com/aws/s2n-tls
2
https://github.com/umbraco/Umbraco.Forms.Issues
2
https://github.com/AcademySoftwareFoundation/MaterialX
2
https://github.com/benoitc/hackney
2
https://github.com/dpgaspar/Flask-AppBuilder
2
https://github.com/ezsystems/ezplatform-kernel
2
https://github.com/saltstack/salt
2
https://github.com/YesWiki/yeswiki
2
https://github.com/octoprint/octoprint
2
https://github.com/1Panel-dev/1Panel
2
https://github.com/quarkusio/quarkus
2
https://github.com/firefly-iii/firefly-iii
2
https://github.com/ShenxiuSec/cve-proofs
2
https://github.com/statamic/cms
2
https://github.com/expressjs/express
2
https://github.com/traefik/traefik
2
https://github.com/dbt-labs/dbt-core
2
https://github.com/schokokeksorg/freewvs
2
https://github.com/ceph/ceph-deploy
2
https://github.com/DataDog/guarddog
2
https://github.com/dfns/cggmp21
2
https://github.com/ntbosscher/gobase
2
https://github.com/gradio-app/gradio
2
https://github.com/opencontainers/runc
2
https://github.com/ericcornelissen/shescape
2
https://github.com/opencontainers/distribution-spec
2
https://github.com/rust-lang/cargo
2
https://github.com/zopefoundation/Zope
2
https://github.com/powsybl/powsybl-core
2
https://github.com/apache/activemq
2
https://github.com/nextauthjs/next-auth
2
https://github.com/Alexhuszagh/rust-lexical
2
https://github.com/langchain-ai/langchain
2
https://github.com/mutagen-io/mutagen
2
https://github.com/containers/podman
2
https://github.com/nats-io/nats-server
2
https://github.com/mautic/mautic
2
https://github.com/eslint/rewrite
2
https://github.com/Flask-Middleware/flask-security
2
https://github.com/containerd/containerd
2
https://github.com/keystonejs/keystone
2
https://github.com/openstack/horizon
2
https://github.com/expressjs/serve-static
2
https://github.com/opencast/opencast
2
https://github.com/RIAEvangelist/node-ipc
2
https://github.com/Exiv2/exiv2
2
https://github.com/agnaistic/agnai
2
https://github.com/Dolibarr/dolibarr
2
https://github.com/goharbor/harbor
2
https://github.com/apollographql/apollo-server
2
https://github.com/tokio-rs/tokio
2
https://github.com/microweber/microweber
2
https://github.com/aws/s2n-quic
2
https://github.com/vllm-project/vllm
2
https://github.com/apache/druid
2
https://github.com/GilaCMS/gila
2
https://github.com/matrix-org/matrix-appservice-irc
2
https://github.com/authelia/authelia
2
https://github.com/Ackites/KillWxapkg
2
https://github.com/answerdev/answer
2
https://github.com/dani-garcia/vaultwarden
2
https://github.com/dnnsoftware/Dnn.Platform
2
https://github.com/apache/ranger
1
https://github.com/moment/moment-timezone
1
https://github.com/topgrade-rs/topgrade
1
https://github.com/gsemac/Gsemac.Common
1
https://github.com/tendermint/tendermint
1
https://github.com/parallaxsecond/parsec
1
https://github.com/jenkinsci/ssh-agent-plugin
1
https://github.com/veraPDF/veraPDF-library
1
https://github.com/runatlantis/atlantis
1
https://github.com/personnummer/java
1
https://github.com/jenkinsci/parameterized-trigger-plugin
1
https://github.com/rust-ammonia/ammonia
1
https://github.com/bytecodealliance/cap-std
1
https://github.com/risc0/risc0-ethereum
1
https://github.com/step-security/harden-runner
1
https://github.com/petergoldstein/dalli
1
https://github.com/syncthing/syncthing
1
https://github.com/rust-x-bindings/rust-xcb
1
https://github.com/apache/incubator-seata
1
https://github.com/jenkinsci/aws-device-farm-plugin
1
https://github.com/apache/maven-archetype
1
https://github.com/C2FO/fast-csv
1
https://github.com/aws/aws-dynamodb-encryption-python
1
https://github.com/maboroshinokiseki/scsir
1
https://gitlab.com/gitlab-org/cves
1
https://github.com/personnummer/rust
1
https://github.com/FirebaseExtended/firepad
1
https://github.com/geyang/ml-logger
1
https://github.com/auth0/lock
1
https://github.com/ipython/ipython
1
https://github.com/Unitech/pm2
1
https://github.com/pterodactyl/panel
1
https://github.com/artifacthub/hub
1
https://github.com/sbt/sbt
1
https://github.com/Icinga/ipl-web
1
https://github.com/apache/nifi
1
https://github.com/alphagov/tech-docs-gem
1
https://github.com/erelsgl/limdu
1
https://github.com/cloudflare/tableflip
1
https://github.com/sjwall/mdx-mermaid
1
https://github.com/joomla/joomla-cms
1
https://github.com/personnummer/js
1