Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

132 advisories

Loading
User data exposure in Apache InLong Moderate
CVE-2023-31101 was published for org.apache.inlong:manager-dao (Maven) May 22, 2023
MTProto proxy remote code execution vulnerability High
CVE-2023-45312 was published for mtproto_proxy (Erlang) Oct 10, 2023
Temporal Server vulnerable to Incorrect Authorization and Insecure Default Initialization of Resource Low
CVE-2023-3485 was published for go.temporal.io/server (Go) Jun 30, 2023
Insecure Default Initialization In Liferay Portal Moderate
CVE-2023-33949 was published for com.liferay.portal:release.portal.bom (Maven) May 24, 2023
Default swagger-ui configuration exposes all files in the module Moderate
CVE-2024-22207 was published for @fastify/swagger-ui (npm) Jan 16, 2024
knolleary
The defaults settings for the CORS filter provided in Apache Tomcat are insecure and enable 'supportsCredentials' for all origins Critical
CVE-2018-8014 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) Oct 17, 2018
sunSUNQ
ASA-2024-004: Default configuration param for Evidence may limit window of validity Low
GHSA-555p-m4v6-cqxv was published for github.com/cometbft/cometbft (Go) Feb 28, 2024
ProTip! Advisories are also available from the GraphQL API