Gogs < 0.12.8 SSRF Vulnerability

Gogs is prone to a server-side request forgery SSRF vulnerability. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

Opencast < 10.14, 11.x < 11.7 Improper Authentication Vulnerability

Opencast is prone to a improper authentication vulnerability. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software;...

125softnlp (=0.0.1), a2 (>=0.10.11 <=0.10.13) +4878 more potentially affected by unknown CVE via tensorflow (>=1.0.1 <=2.6.3)

tensorflow PYPI version =1.0.1, =0.10.11, =0.1.0, =0.0.0, =0.6.0, =0.1.6, =1.0.0, =2.0.0, =1.0.0, =0.0.1, =0.0.7 and more Source cves: unknown CVE Source advisory: OSV:GHSA-MW6J-HH29-H379...

CVE-2021-25944

creationtimestamp| type| source ---|---|--- 2022-05-24 19:03:10+00:00| published-proof-of-concept| https://github.com/advisories/GHSA-h6xg-rg33-9mf4...

CVE-2020-28277

creationtimestamp| type| source ---|---|--- 2022-05-24 17:37:26+00:00| published-proof-of-concept| https://github.com/advisories/GHSA-q4xc-7cw8-cgfj...

CVE-2020-28276

creationtimestamp| type| source ---|---|--- 2022-05-24 17:37:25+00:00| published-proof-of-concept| https://github.com/advisories/GHSA-wgxm-rg53-h2c6...

CVE-2020-28278

creationtimestamp| type| source ---|---|--- 2022-05-24 17:37:25+00:00| published-proof-of-concept| https://github.com/advisories/GHSA-pqwc-3vhw-qcvq...

Withdrawn Advisory: Magento 2 Community Edition XSS Vulnerability

Withdrawn Advisory This advisory has been withdrawn because the vulnerability does not affect a package in one of the GitHub Advisory Database's supported ecosystems. This link is maintained to preserve external references. Original Description In Magento prior to 1.9.4.3 and Magento prior to...

CVE-2019-14470

creationtimestamp| type| source ---|---|--- 2022-05-24 16:55:25+00:00| published-proof-of-concept| https://github.com/advisories/GHSA-gcv6-2v9c-rj48...

CVE-2019-13127

creationtimestamp| type| source ---|---|--- 2022-05-24 16:49:07+00:00| published-proof-of-concept| https://github.com/advisories/GHSA-xm59-jvxm-cp3v...

CVE-2021-21394

Synapse is a Matrix reference homeserver written in python pypi package matrix-synapse. Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.28.0 Synapse is missing input validation of some parameters on the endpoints used to confirm third-party...

CVE-2017-1000220

creationtimestamp| type| source ---|---|--- 2022-05-13 01:41:00+00:00| published-proof-of-concept| https://github.com/advisories/GHSA-h2p3-h48h-9jj7...

Discourse 2.9.x < 2.9.0.beta4 Multiple Vulnerabilities

Discourse is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:discourse:discourse"; ifdescripti...

XWiki Privileged API Vulnerability (GHSA-ghcq-472w-vf4h)

XWiki is prone to a privileged API vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:xwiki:xwiki"; ifdescription...

Twisted Web 11.1 < 22.1 Information Disclosure Vulnerability

Twisted Web is prone to an information disclosure vulnerability. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

CVE-2022-24743 Insufficient Session Expiration in Sylius

Sylius is an open source eCommerce platform. Prior to versions 1.10.11 and 1.11.2, the reset password token was not set to null after the password was changed. The same token could be used several times, which could result in leak of the existing token and unauthorized password change. The issue ...

Multi-Factor Authentication issue in Laravel Fortify

Laravel Fortify before 1.11.1 allows reuse within a short time window, thus calling into question the "OT" part of the "TOTP" concept...

Ruby on Rails Information Disclosure Vulnerability (GHSA-rmj8-8hhh-gv5h) - Windows

Ruby on Rails is prone to an information disclosure vulnerability in puma. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is...

Discourse < 2.8.1 DoS Vulnerability

Discourse is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:discourse:discourse"...

GHSA-WH98-P28R-VRC9

creationtimestamp| type| source ---|---|--- 2022-02-12 00:29:16+00:00| seen| https://t.me/cibsecurity/37362...