Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

29 advisories

Loading
marionette-socket-host downloads Resources over HTTP High
CVE-2016-10648 was published for marionette-socket-host (npm) Aug 15, 2018
grunt-images downloads Resources over HTTP High
CVE-2016-10645 was published for grunt-images (npm) Aug 15, 2018
Downloads Resources over HTTP in cmake High
CVE-2016-10642 was published for cmake (npm) Aug 15, 2018
fis-sass-all downloads Resources over HTTP High
CVE-2016-10686 was published for fis-sass-all (npm) Aug 17, 2018
Downloads Resources over HTTP in node-bsdiff-android High
CVE-2016-10641 was published for node-bsdiff-android (npm) Sep 18, 2018
Downloads Resources over HTTP in openframe-glslviewer High
CVE-2016-10607 was published for openframe-glslviewer (npm) Feb 18, 2019
Downloads Resources over HTTP in cobalt-cli High
CVE-2016-10597 was published for cobalt-cli (npm) Feb 18, 2019
ibapi downloads Resources over HTTP High
CVE-2016-10593 was published for ibapi (npm) Feb 18, 2019
Downloads Resources over HTTP in prince High
CVE-2016-10591 was published for prince (npm) Feb 18, 2019
Downloads Resources over HTTP in libxl High
CVE-2016-10585 was published for libxl (npm) Feb 18, 2019
Downloads Resources over HTTP in openframe-image High
CVE-2016-10616 was published for openframe-image (npm) Feb 18, 2019
Downloads Resources over HTTP in haxe High
CVE-2016-10602 was published for haxe (npm) Feb 18, 2019
ipip downloads Resources over HTTP High
CVE-2016-10594 was published for ipip (npm) Feb 18, 2019
Downloads Resources over HTTP in bionode-sra High
CVE-2016-10613 was published for bionode-sra (npm) Feb 18, 2019
dwebp-bin downloads Resources over HTTP High
CVE-2016-10633 was published for dwebp-bin (npm) Feb 18, 2019
npm Vulnerable to Global node_modules Binary Overwrite High
CVE-2019-16777 was published for npm (npm) Dec 13, 2019
DanielRuf
Any logged in user could edit any other logged in user. High
CVE-2021-29452 was published for @curveball/a12n-server (npm) Apr 19, 2021
Privilege escalation: all users can access Admin-level API keys Moderate
CVE-2021-39192 was published for ghost (npm) Jul 22, 2021
zn9988
TimelockController vulnerability in OpenZeppelin Contracts Critical
CVE-2021-39167 was published for @openzeppelin/contracts (npm) Aug 30, 2021
TimelockController vulnerability in OpenZeppelin Contracts Critical
CVE-2021-39168 was published for @openzeppelin/contracts-upgradeable (npm) Aug 30, 2021
Improper Privilege Management in shelljs Moderate
GHSA-64g7-mvw6-v9qj was published for shelljs (npm) Jan 14, 2022
Improper Privilege Management in shelljs High
CVE-2022-0144 was published for shelljs (npm) Jan 21, 2022
Improper Privilege Management in Azure ms-rest-nodeauth High
CVE-2021-28458 was published for @azure/ms-rest-nodeauth (npm) May 24, 2022
Improper Privilege Management in NocoDB High
CVE-2022-2063 was published for nocodb (npm) Jun 14, 2022
Parsing issue in matrix-org/node-irc leading to room takeovers High
CVE-2022-39203 was published for matrix-appservice-irc (npm) Sep 15, 2022
wonda-tea-coffee
ProTip! Advisories are also available from the GraphQL API