29580 matches found
GHSA-MQW7-C5GG-XQ97 Jervis Has a RSA PKCS#1 Padding Vulnerability
Vulnerability https://github.com/samrocketman/jervis/blob/157d2b63ffa5c4bb1d8ee2254950fd2231de2b05/src/main/groovy/net/gleske/jervis/tools/SecurityIO.groovyL463-L465...
GO-2026-4277 listmonk Vulnerable to Stored XSS Leading to Admin Account Takeover in github.com/knadh/listmonk
listmonk Vulnerable to Stored XSS Leading to Admin Account Takeover in github.com/knadh/listmonk. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from...
GO-2026-4286 OpenFlagr contains an authentication bypass vulnerability in the HTTP middleware in github.com/openflagr/flagr
OpenFlagr contains an authentication bypass vulnerability in the HTTP middleware in github.com/openflagr/flagr...
GO-2026-4293 WeKnora vulnerable to SQL Injection in github.com/Tencent/WeKnora
WeKnora vulnerable to SQL Injection in github.com/Tencent/WeKnora...
RHSA-2026:0424
creationtimestamp | type | source
---|---|---
2026-01-12 13:26:42+00:00 | seen | https://gist.github.com/Darkcrai86/3cc9ce8a0ecea48c6749ff66fb3d9cd5...
GHSA-7FMW-85QM-H22P vulnerabilities
Vulnerabilities for packages: keycloak...
GHSA-527X-5WRF-22M2 vulnerabilities
Vulnerabilities for packages: cloudflared...
GHSA-74P9-4V44-WWX5 vulnerabilities
Vulnerabilities for packages: python...
GitHub: Missing Access Control in MigrationFile allows attacker to upload files to any Migration
A Missing Authorization vulnerability was identified in GitHub Enterprise Server that allowed unauthorized content to be uploaded to a user's repository migration export due to a missing authorization check in the repository migration upload endpoint. The vulnerability could be exploited by...
GHSA-524M-Q5M7-79MM
creationtimestamp | type | source
---|---|---
2026-01-10 07:01:39+00:00 | seen | Telegram/i2g9ck4oFpG2FQ6NO-wq7UgJ3FLiFKBZXo4--EYsPHmrFO0
2026-01-24 21:25:37+00:00 | seen | https://gist.github.com/alon710/bb9834de1a00354c3bc3ff35ebeeb06f
2026-01-24 22:41:01+00:00 | seen | ...
GHSA-9WX5-5C3V-3QMX vulnerabilities
Vulnerabilities for packages: linux-vmware, linux-qemu-melange, linux-qemu...
GHSA-G7MW-CR59-R458 vulnerabilities
Vulnerabilities for packages: linux-vmware, linux-qemu-melange, linux-qemu...
CVE-2023-49113
The Kiuwan Local Analyzer (KLA) Java scanning application contains several hard-coded secrets in plain text format. In some cases, this can potentially compromise the confidentiality of the scan results. Several credentials were found in the JAR files of the Kiuwan Local Analyzer. The JAR file...
CVE-2023-31584
GitHub repository cu/silicon commit a9ef36 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the User Input field...
CVE-2023-4879
Cross-site Scripting (XSS) - Stored in GitHub repository instantsoft/icms2 prior to 2.16.1.-git...
CVE-2021-41599
A remote code execution vulnerability was identified in GitHub Enterprise Server that could be exploited when building a GitHub Pages site. To exploit this vulnerability, an attacker would need permission to create and build a GitHub Pages site on the GitHub Enterprise Server instance. This...
CVE-2021-33961
A Cross Site Scripting (XSS) vulnerability exists in enhanced-github v5.0.11 via the file name parameter...
CVE-2021-31913
In JetBrains TeamCity before 2020.2.3, insufficient checks of the redirect_uri were made during GitHub SSO token exchange...
CVE-2021-22866
A UI misrepresentation vulnerability was identified in GitHub Enterprise Server that allowed more permissions to be granted during a GitHub App's user-authorization web flow than was displayed to the user during approval. To exploit this vulnerability, an attacker would need to create a GitHub Ap...
CVE-2021-22862
An improper access control vulnerability was identified in GitHub Enterprise Server that allowed an authenticated user with the ability to fork a repository to disclose Actions secrets for the parent repository of the fork. This vulnerability existed due to a flaw that allowed the base reference ...