GitHub Advisory Database
3,413 advisories
Netflix/Priam: Temporary Directory Information Disclosure
CVE-2021-28100
(Moderate severity)
was published Mar 30, 2021
•
com.netflix.priam:priam
(Maven)
Possible request smuggling in HTTP/2 due to missing validation of content-length
CVE-2021-21409
(Low severity)
was published Mar 30, 2021
•
io.netty:netty-codec-http2
(Maven)
netmask npm package vulnerable to octal input data
CVE-2021-28918
(High severity)
was published Mar 29, 2021
•
netmask
(npm)
HTML injection in email and account expiry notifications
CVE-2021-21333
(Low severity)
was published Mar 26, 2021
•
matrix-synapse
(pip)
Cross-site scripting (XSS) vulnerability in the password reset endpoint
CVE-2021-21332
(Low severity)
was published Mar 26, 2021
•
matrix-synapse
(pip)
Weak JSON Web Token in yapi-vendor
CVE-2021-27884
(Moderate severity)
was published Mar 26, 2021
•
yapi-vendor
(npm)
Improper Input Validation in PyYAML
CVE-2020-14343
(Moderate severity)
was published Mar 25, 2021
•
PyYAML
(pip)
Command injection in fs-path
CVE-2020-8298
(Critical severity)
was published Mar 25, 2021
•
fs-path
(npm)
Information Disclosure in Guava
CVE-2020-8908
(Moderate severity)
was published Mar 25, 2021
•
com.google.guava:guava
(Maven)
Insecure temporary file in Netflix OSS Hollow
CVE-2021-28099
(Moderate severity)
was published Mar 29, 2021
•
com.netflix.hollow:hollow
(Maven)
Cross site scripting (XSS) and Server side request forgery (SSRF) in moodle
CVE-2021-20280
(Moderate severity)
was published Mar 29, 2021
•
moodle/moodle
(Composer)
SQL Injection in moodle
CVE-2020-25700
(Moderate severity)
was published Mar 29, 2021
•
moodle/moodle
(Composer)
Improper Access Control in moodle
CVE-2020-25698
(High severity)
was published Mar 29, 2021
•
moodle/moodle
(Composer)
Privilege Escalation in moodle
CVE-2020-25701
(Moderate severity)
was published Mar 29, 2021
•
moodle/moodle
(Composer)
Privilege Escalation in moodle
CVE-2020-25699
(High severity)
was published Mar 29, 2021
•
moodle/moodle
(Composer)
Cross-site Scripting (XSS) in moodle
CVE-2020-25702
(Moderate severity)
was published Mar 29, 2021
•
moodle/moodle
(Composer)
Cross-site scripting (XSS) in moodle
CVE-2020-25628
(Moderate severity)
was published Mar 29, 2021
•
moodle/moodle
(Composer)
Exposure of Sensitive Information to an Unauthorized Actor in moodle
CVE-2021-20281
(Moderate severity)
was published Mar 29, 2021
•
moodle/moodle
(Composer)
Access Restriction Bypass
CVE-2020-13757
(High severity)
was published Mar 24, 2021
•
rsa
(pip)
Path Traversal within joomla/archive zip class
CVE-2021-26028
(Moderate severity)
was published Mar 24, 2021
•
joomla/archive
(Composer)
XSS in CreateQueuedJobTask
CVE-2021-27938
(Moderate severity)
was published Mar 24, 2021
•
symbiote/silverstripe-queuedjobs
(Composer)
Rating Script Service exposes XWiki to SQL injection
CVE-2021-21380
(High severity)
was published Mar 23, 2021
•
org.xwiki.platform:xwiki-platform-ratings-api
(Maven)
It's possible to execute anything with the rights of the author of a macro which uses the {{wikimacrocontent}} macro
CVE-2021-21379
(Low severity)
was published Mar 23, 2021
•
org.xwiki.platform:xwiki-platform-rendering-wikimacro-store
(Maven)
Double Free in Adplug
CVE-2019-15151
(Critical severity)
was published Mar 29, 2021
•
adplug
(NuGet)
SQL injection in vhs (aka VHS: Fluid ViewHelpers)
CVE-2021-28381
(Critical severity)
was published Mar 29, 2021
•
fluidtypo3/vhs
(Composer)

