29583 matches found
GHSA-RWVC-J5JR-MGVH vulnerabilities
Vulnerabilities for packages: kibana...
GHSA-8Q63-W3PX-VG38 vulnerabilities
Vulnerabilities for packages: ffmpeg...
GHSA-6HWG-W5JG-9C6X vulnerabilities
Vulnerabilities for packages: docker-machine-driver-harvester, rancher-machine...
PT-2026-1633
Name of the Vulnerable Software and Affected Versions: Easy GitHub Gist Shortcodes plugin for WordPress versions prior to 1.0. Description: The Easy GitHub Gist Shortcodes plugin for WordPress is susceptible to Stored Cross-Site Scripting through the id parameter of the gist shortcode. Insufficient...
WordPress Easy GitHub Gist Shortcodes plugin <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'id' Shortcode Attribute vulnerability
Authenticated (Contributor+) Stored Cross-Site Scripting via 'id' Shortcode Attribute vulnerability discovered by zakaria in WordPress Plugin Easy GitHub Gist Shortcodes versions <= 1.0...
CVE-2025-13744
An Improper Neutralization of Input During Web Page Generation vulnerability was identified in GitHub Enterprise Server that allowed attacker controlled HTML to be rendered by the Filter component search across GitHub that could be used to exfiltrate sensitive information. An attacker would requi...
CVE-2025-13744 Improper Neutralization of Input During Web Page Generation vulnerability was identified in GitHub Enterprise Server that allowed rendering of malicious HTML
An Improper Neutralization of Input During Web Page Generation vulnerability was identified in GitHub Enterprise Server that allowed attacker controlled HTML to be rendered by the Filter component search across GitHub that could be used to exfiltrate sensitive information. An attacker would requi...
CVE-2025-13744
CVE-2025-13744 affects GitHub Enterprise Server. The issue is an Improper Neutralization of Input During Web Page Generation in the Filter (search) component, allowing attacker-controlled HTML to be rendered across GitHub and potentially exfiltrate sensitive information. An attacker must have per...
GHSA-4PV4-4X2X-6J88

creationtimestamp | type | source
---|---|---
2026-01-06 20:13:41+00:00 | seen | Telegram/W9cnrPaYEkduQXNMxTamq0Dafu5VRSzGfTVZkSYwQLJrcs...

CVE-2024-29792

creationtimestamp | type | source
---|---|---
2026-01-06 17:35:45+00:00 | confirmed | https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2024/CVE-2024-29792.yaml
2026-01-10 21:02:56+00:00 | seen | https://bsky.app/profile/beikokucyber.bsky.social/post/3mc3vvnmbj62b...

GHSA-VM5P-43QH-7PMQ

creationtimestamp | type | source
---|---|---
2026-01-06 17:06:07+00:00 | seen | Telegram/NtgdGeZWqROuFZ2INFVIF7wbiZX6L2oMH79jCDcZlZLsnY...

CVE-2025-13652

creationtimestamp | type | source
---|---|---
2026-01-06 05:03:00+00:00 | seen | Telegram/1VAc4wLFDTfmKRJLf2vk5fzkuztcTsljmRPO6kR4McoZxkg
2026-04-10 04:18:53+00:00 | confirmed | https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2025/CVE-2025-13652.yaml
2026-04-13 21:03:08+00:00 | ...

GHSA-6JHG-HG63-JVVF

creationtimestamp | type | source
---|---|---
2026-01-06 01:04:01+00:00 | seen | Telegram/2QW8Fh9GNw2oVUTZekwxOkJVN6yFYGFerNd9WhPSIM87KY
2026-01-24 21:31:00+00:00 | seen | https://gist.github.com/alon710/8b3299aac7c619edde4755a5c764a295
2026-01-24 21:31:01+00:00 | seen | ...

SUSE CVE-2025-13352
Mattermost versions 10.11.x = 10.11.6 and Mattermost GitHub plugin versions =2.4.0 fail to validate plugin bot identity in reaction forwarding which allows attackers to hijack the GitHub reaction feature to make users add reactions to arbitrary GitHub objects via crafted notification posts...
GitHub Enterprise Server security vulnerability
GitHub Enterprise Server is an open source application from GitHub in the United States. It provides a platform for setting up your own GitHub instance as a virtual appliance, thus providing a scalable, easy-to-manage platform. A security vulnerability exists in GitHub Enterprise Server versions...
PT-2026-1508
Name of the Vulnerable Software and Affected Versions: GitHub Enterprise Server versions prior to 3.20; GitHub Enterprise Server versions 3.14.20; GitHub Enterprise Server versions 3.15.15; GitHub Enterprise Server versions 3.16.11; GitHub Enterprise Server versions 3.17.8; GitHub Enterprise Server...
GHSA-6MQ8-RVHQ-8WGG

creationtimestamp | type | source
---|---|---
2026-01-05 22:14:04+00:00 | seen | https://infosec.exchange/users/cR0w/statuses/115844791950366444
2026-01-05 23:05:33+00:00 | published-proof-of-concept | Telegram/SaQdu2HuKivKnxzQDHW0crSXnl1eIl3nAV9Cs1OYgaU4ueA
2026-01-06 03:55:16+00:00 | seen | ...

Malicious Package
Overview: github-badge-bot is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...