Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

17 advisories

Loading
Inadequate Encryption Strength in showdoc Moderate
CVE-2021-3680 was published for showdoc/showdoc (Composer) Sep 1, 2021
Hash collision in typelevel jawn Moderate
CVE-2022-21653 was published for org.typelevel:jawn-parser (Maven) Jan 6, 2022
nrktkt
TYPO3 is vulnerable to insecure randomness during hash generation in forgot password function Moderate
CVE-2010-3670 was published for typo3/cms-frontend (Composer) Apr 21, 2022
Inadequate Encryption Strength in Apache CXF Moderate
CVE-2012-5575 was published for org.apache.cxf:cxf-rt-transports-http (Maven) May 13, 2022
Inadequate Encryption Strength in Jenkins Moderate
CVE-2017-2598 was published for org.jenkins-ci.main:jenkins-core (Maven) May 13, 2022
SimpleSAMLphp Incorrect IV generation for encryption Moderate
CVE-2017-12871 was published for simplesamlphp/simplesamlphp (Composer) May 17, 2022
Beaker Sensitive Information Disclosure vulnerability Moderate
CVE-2012-3458 was published for beaker (pip) May 17, 2022
Use of a Broken or Risky Cryptographic Algorithm in XWiki Crypto API Moderate
CVE-2022-29161 was published for org.xwiki.platform:xwiki-platform-crypto (Maven) May 24, 2022
AWS S3 Crypto SDK sends an unencrypted hash of the plaintext alongside the ciphertext as a metadata field Moderate
CVE-2022-2582 was published for github.com/aws/aws-sdk-go (Go) Dec 28, 2022
knqyf263
Dgraph Audit Log Encryption Vulnerability Moderate
CVE-2023-31135 was published for github.com/dgraph-io/dgraph (Go) May 17, 2023
HakuPiku joshua-goldstein
skrdgraph
mycli has Inadequate Encryption Strength Moderate
CVE-2023-44690 was published for mycli (pip) Oct 20, 2023
Weak encryption in Ninja Core Moderate
CVE-2024-36823 was published for org.ninjaframework:ninja-core (Maven) Jun 7, 2024
Moodle uses the same key for QR login and auto-login Moderate
CVE-2024-38277 was published for moodle/moodle (Composer) Jun 18, 2024
Apache Answer: Avatar URL leaked user email addresses Moderate
CVE-2024-40761 was published for github.com/apache/incubator-answer (Go) Sep 25, 2024
oscerd
Snowflake JDBC Security Advisory Moderate
CVE-2024-43382 was published for net.snowflake:snowflake-jdbc (Maven) Oct 30, 2024
Apache Tomcat Request and/or response mix-up Moderate
CVE-2024-52317 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) Nov 18, 2024
Apache Tomcat - XSS in generated JSPs Moderate
CVE-2024-52318 was published for org.apache.tomcat:tomcat-jasper (Maven) Nov 18, 2024
ProTip! Advisories are also available from the GraphQL API