29580 matches found
GHSA-88V2-P2R7-RVPX vulnerabilities
Vulnerabilities for packages: samba...
GHSA-R9CF-94MR-8V6Q vulnerabilities
Vulnerabilities for packages: linux-gcp, linux-azure, linux-aws, linux-qemu, linux-vmware...
GHSA-45VC-784V-VP78 vulnerabilities
Vulnerabilities for packages: linux-gcp, linux-azure, linux-aws, linux-qemu, linux-vmware...
GHSA-HWMM-P4J4-8398 vulnerabilities
Vulnerabilities for packages: freeipa...
spec-driven-workflow-poc
Steps for AI setup 1. Create .github folder in the root of th...
PT-2026-5729
Name of the Vulnerable Software and Affected Versions: PolarLearn versions 0-PRERELEASE-15 and earlier. Description: The OAuth 2.0 implementation for GitHub and Google login providers is susceptible to Login Cross-Site Request Forgery (CSRF). The application does not implement and verify the state...
data-cve-poc-py-v1
data-cve-poc This repository collects all CVE vulnerability...
golang-github-prometheus-prometheus-3.9.1-2.1 on GA media (moderate)
golang-github-prometheus-prometheus-3.9.1-2.1 on GA media Announcement ID: openSUSE-SU-2026:10124-1 Rating: moderate Cross-References: CVE-2025-13465 CVSS scores: CVE-2025-13465 SUSE : 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H CVE-2025-13465 SUSE : 8.8...
GHSA-XVQR-69V8-F3GV vulnerabilities
Vulnerabilities for packages: kapp, influxd, restic-fips, http-echo, gatus-fips, kube-bench, ingress-nginx-controller, postgres-operator-fips, crossplane-provider-aws-sqs-fips, elastic-agent, google-osconfig-agent, kube-state-metrics, rabbitmq-messaging-topology-operator, goose, langfuse,...
GHSA-M5G9-928C-Q4JG vulnerabilities
Vulnerabilities for packages: chromium...
GHSA-743W-QRV8-633J vulnerabilities
Vulnerabilities for packages: chromium...
GHSA-6JR7-99PF-8VGF
creationtimestamp | type | source
---|---|---
2026-01-30 23:20:42+00:00 | seen | Telegram/pazjypwJ9q5j0AUml5NqFL8eGc5J3hEHdG482ywyT6Ic5U0...
CVE-2025-62240
creationtimestamp | type | source
---|---|---
2026-01-30 16:30:50+00:00 | seen | https://gist.github.com/alon710/dada607d9cf26924b64f5cc8b7be9433...
CLEANSTART-2026-YS66739 Authorization Bypass Through User-Controlled Key in GitHub repository emicklei/go-restful prior to v3
Multiple security vulnerabilities affect the kyverno-policy-reporter-kyverno-plugin-fips package. Authorization Bypass Through User-Controlled Key in GitHub repository emicklei/go-restful prior to v3. See references for individual vulnerability details...
CVE-2026-1699
In the Eclipse Theia Website repository, the GitHub Actions workflow .github/workflows/preview.yml used the pull_request_target trigger while checking out and executing untrusted pull request code. This allowed any GitHub user to execute arbitrary code in the repository's CI environment with access to...
CVE-2026-1699
CVE-2026-1699 concerns the Eclipse Theia Website repository. The issue: the GitHub Actions workflow .github/workflows/preview.yml used the pull_request_target trigger while checking out and executing untrusted PR code. This allowed any GitHub user to run arbitrary code in the repository’s CI envi...
GHSA-XFHX-R7WW-5995 vulnerabilities
Vulnerabilities for packages: tensorflow-cpu-jupyter, kubeflow-pipelines-visualization-server...