GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

20 advisories

Duplicate Advisory: AWS Redshift JDBC Driver fails to validate class type during object instantiation High
GHSA-5c6q-f783-h888 was published for com.amazon.redshift:redshift-jdbc42 (Maven) Sep 30, 2022 withdrawn
Incorrect Privilege Assignment in Jenkins Script Security Plugin High
CVE-2019-10355 was published for org.jenkins-ci.plugins:script-security (Maven) May 24, 2022
crack does not properly restrict casts of string values High
CVE-2013-1800 was published for crack (RubyGems) Oct 24, 2017
pg-native and libpq vulnerable to uncontrolled resource consumption High
CVE-2022-25852 was published for libpq (npm) Jun 18, 2022
joshbressers
Devise does not properly perform type conversion when performing database queries Moderate
CVE-2013-0233 was published for devise (RubyGems) Oct 24, 2017
extlib does not properly restrict casts of string values High
CVE-2013-1802 was published for extlib (RubyGems) Oct 24, 2017
Weaviate denial of service vulnerability High
CVE-2023-38976 was published for github.com/weaviate/weaviate (Go) Aug 22, 2023
360AIVul
Improper Input Validation in IpMatcher Critical
CVE-2021-33318 was published for IpMatcher (NuGet) May 17, 2022
Swift-corelibs-foundation denial of service in JSON decoding with JSONDecoder High
CVE-2022-1642 was published for github.com/apple/swift-corelibs-foundation (Swift) Jun 7, 2023
weissi gliush
os_str_bytes relies on undefined behavior of `char::from_u32_unchecked` High
CVE-2020-35865 was published for os_str_bytes (Rust) Aug 25, 2021
Dangling reference in flatbuffers High
CVE-2020-35864 was published for flatbuffers (Rust) Aug 25, 2021
Unsound casting in flatbuffers Critical
CVE-2019-25004 was published for flatbuffers (Rust) Aug 25, 2021
Incorrect cast in anymap Critical
CVE-2021-38187 was published for anymap (Rust) Aug 25, 2021
`CHECK` fail in `BCast` overflow Moderate
CVE-2022-41890 was published for tensorflow (pip) Nov 21, 2022
Invalid char to bool conversion when printing a tensor Moderate
CVE-2022-41911 was published for tensorflow (pip) Nov 21, 2022
Cachet vulnerable to forced reinstall High
CVE-2021-39173 was published for cachethq/cachet (Composer) Aug 30, 2021
thomas-chauchefoin-sonarsource
Improperly checked metadata on tools/armour itemstacks received from the client High
GHSA-46c5-pfj8-fv65 was published for pocketmine/pocketmine-mp (Composer) Mar 18, 2022
JavierLeon9966
com.amazon.redshift:redshift-jdbc42 vulnerable to remote command execution High
CVE-2022-41828 was published for com.amazon.redshift:redshift-jdbc42 (Maven) Oct 12, 2022
Unsoundness in bigint Critical
CVE-2020-35880 was published for bigint (Rust) Aug 25, 2021
Unaligned memory access in rand_core Critical
CVE-2020-25576 was published for rand_core (Rust) Aug 25, 2021
rillian