Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

10 advisories

Loading
JWT Algorithm Confusion Moderate
CVE-2023-48223 was published for fast-jwt (npm) Nov 20, 2023
PinkDraconian
json-web-token library is vulnerable to a JWT algorithm confusion attack High
CVE-2023-48238 was published for json-web-token (npm) Nov 17, 2023
PinkDraconian
google-translate-api-browser Server-Side Request Forgery (SSRF) Vulnerability Low
CVE-2023-48711 was published for google-translate-api-browser (npm) Nov 27, 2023
PinkDraconian
pyload Unauthenticated Flask Configuration Leakage vulnerability High
CVE-2024-21644 was published for pyload-ng (pip) Jan 8, 2024
PinkDraconian
pyload Log Injection vulnerability Moderate
CVE-2024-21645 was published for pyload-ng (pip) Jan 8, 2024
PinkDraconian
phpMyFAQ User Removal Page Allows Spoofing Of User Details Moderate
CVE-2024-22202 was published for phpmyfaq/phpmyfaq (Composer) Feb 5, 2024
PinkDraconian
phpMyFAQ sharing FAQ functionality can easily be abused for phishing purposes Moderate
CVE-2024-22208 was published for phpmyfaq/phpmyfaq (Composer) Feb 5, 2024
PinkDraconian
Cache Poisoning Vulnerability Moderate
CVE-2024-29042 was published for translate (npm) Mar 22, 2024
PinkDraconian
Gradio allows users to access arbitrary files Critical
GHSA-m842-4qm8-7gpq was published for gradio (pip) Sep 25, 2024
PinkDraconian
Cross-Site Request Forgery on any API call in pyLoad may lead to admin privilege escalation Critical
CVE-2024-22416 was published for pyload-ng (pip) Jan 19, 2024
PinkDraconian kaydoda
ProTip! Advisories are also available from the GraphQL API