Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

10 advisories

Loading
Microsoft.OpenAPI: Circular schema references may terminate OpenAPI parsing High
CVE-2026-49451 was published for Microsoft.OpenAPI (NuGet) Jun 30, 2026
baywet Credited to baywet, cookesan, Falco20019, and mahsa-lamiyan cookesan cookesan
Falco20019 Falco20019 mahsa-lamiyan mahsa-lamiyan
Duplicate Advisory: Hackney has an Allocation of Resources Without Limits or Throttling vulnerabilit High
GHSA-76v6-f83q-pxvh was published for hackney (Erlang) May 26, 2026 withdrawn
cookesan Credited to cookesan
Git credentials are exposed in Atlantis logs High
CVE-2024-52009 was published for github.com/runatlantis/atlantis (Go) Nov 8, 2024
niooss-ledger Credited to niooss-ledger and cookesan cookesan cookesan
CometBFT Vote Extensions: Panic when receiving a Pre-commit with an invalid data High
GHSA-p7mv-53f2-4cwj was published for github.com/cometbft/cometbft (Go) Nov 6, 2024
corverroos Credited to corverroos and cookesan cookesan cookesan
Nginx-UI vulnerable to authenticated RCE through injecting into the application config via CRLF High
CVE-2024-23828 was published for github.com/0xJacky/Nginx-UI (Go) Jan 29, 2024
Elleuch-x1 Credited to Elleuch-x1, 0xJacky, and cookesan 0xJacky 0xJacky
cookesan cookesan
Authenticated (user role) arbitrary command execution by modifying `start_cmd` setting (GHSL-2023-268) High
CVE-2024-22198 was published for github.com/0xJacky/Nginx-UI (Go) Jan 11, 2024
jorgectf Credited to jorgectf, Hintay, and cookesan Hintay Hintay
cookesan cookesan
Authenticated (user role) remote command execution by modifying `nginx` settings (GHSL-2023-269) High
CVE-2024-22197 was published for github.com/0xJacky/Nginx-UI (Go) Jan 11, 2024
jorgectf Credited to jorgectf, Hintay, and cookesan Hintay Hintay
cookesan cookesan
Authenticated (user role) SQL injection in `OrderAndPaginate` (GHSL-2023-270) High
CVE-2024-22196 was published for github.com/0xJacky/Nginx-UI (Go) Jan 11, 2024
jorgectf Credited to jorgectf, Hintay, and cookesan Hintay Hintay
cookesan cookesan
Gogs Directory Traversal High
CVE-2018-20303 was published for gogs.io/gogs (Go) May 14, 2022
cookesan Credited to cookesan
Integer Overflow in go-jose High
CVE-2016-9123 was published for github.com/square/go-jose (Go) Jun 23, 2021
cookesan Credited to cookesan
ProTip! Advisories are also available from the GraphQL API