Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

105 advisories

Loading
Lodestar snappy checksum issue Low
GHSA-m9c9-mc2h-9wjw was published for @lodestar/reqresp (npm) Jan 14, 2025
gln7
Snap One OvrC Pro devices versions 7.2 and prior do not validate firmware... Critical Unreviewed
CVE-2023-28386 was published May 22, 2023
Rebuilding a run with revoked script approval allowed by Jenkins Pipeline: Groovy Plugin High
CVE-2024-52550 was published for org.jenkins-ci.plugins.workflow:workflow-cps (Maven) Nov 13, 2024
github.com/containers/image allows unexpected authenticated registry accesses High
CVE-2024-3727 was published for github.com/containers/image (Go) May 14, 2024
RTann
tlslite-ng off-by-one error on mac checking High
CVE-2018-1000159 was published for tlslite-ng (pip) Jul 12, 2018
Incomplete validation of shapes in multiple TF ops High
CVE-2021-41206 was published for tensorflow (pip) Nov 10, 2021
OpenStack Ironic fails to verify checksums of supplied image_source URLs Moderate
CVE-2024-47211 was published for ironic (pip) Oct 4, 2024
secp256k1-node allows private key extraction over ECDH High
CVE-2024-48930 was published for secp256k1 (npm) Oct 21, 2024
ChALkeR jprichardson
Apache MINA SSHD: integrity check bypass High
CVE-2024-41909 was published for org.apache.sshd:sshd-common (Maven) Aug 12, 2024
ProTip! Advisories are also available from the GraphQL API