Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

132 advisories

Loading
Electron webPreferences vulnerability can be used to perform remote code execution High
CVE-2018-15685 was published for electron (npm) Aug 23, 2018
The defaults settings for the CORS filter provided in Apache Tomcat are insecure and enable 'supportsCredentials' for all origins Critical
CVE-2018-8014 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) Oct 17, 2018
sunSUNQ
Insecure defaults in UmbracoForms High
CVE-2020-7685 was published for UmbracoForms (NuGet) Jul 29, 2020
Authentication bypass in Apache Airflow Critical
CVE-2020-13927 was published for apache-airflow (pip) Apr 30, 2021
sunSUNQ
Arbitrary Code Execution in grunt High
CVE-2020-7729 was published for grunt (npm) May 6, 2021
Argo CD Insecure default administrative password High
CVE-2020-8828 was published for github.com/argoproj/argo-cd (Go) Jul 26, 2021
makepasswd 1.10 default settings generate insecure passwords Moderate Unreviewed
CVE-2010-2247 was published Apr 21, 2022
In Apache CouchDB prior to 3.2.2, an attacker can access an improperly secured default... Critical Unreviewed
CVE-2022-24706 was published Apr 27, 2022
ProTip! Advisories are also available from the GraphQL API