Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub's Advisory Database

288,561 advisories found
Showing 61 - 80
GHSA-4mw4-68h4-2pj4 ⚠ Unreviewed MODERATE

Sep 17, 2025
Unknown
Unknown
CVE-2025-10616
CVSS
5.0
GHSA-393w-9x6h-8gc7 ✓ Reviewed HIGH

Pingora update for MadeYouReset HTTP/2 vulnerability

Sep 17, 2025
crates.io
pingora-core
CVSS
7.5
GHSA-p6jq-8vc4-79f6 ✓ Reviewed LOW

Nuxt has Client-Side Path Traversal in Nuxt Island Payload Revival

Sep 17, 2025
npm
nuxt
CVE-2025-59414
CVSS
2.5
GHSA-m4j5-5x4r-2xp9 ✓ Reviewed MODERATE

Keycloak SMTP Inject Vulnerability

Sep 17, 2025
Maven
org.keycloak:keycloak-services
CVE-2025-8419
CVSS
5.0
GHSA-mcvp-rpgg-9273 ✓ Reviewed MODERATE

DragonFly's tiny file download uses hard coded HTTP protocol

Sep 17, 2025
Go
github.com/dragonflyoss/dragonfly
CVE-2025-59410
CVSS
5.0
GHSA-hx2h-vjw2-8r54 ✓ Reviewed MODERATE

DragonFly has weak integrity checks for downloaded files

Sep 17, 2025
Go
github.com/dragonflyoss/dragonfly
CVE-2025-59354
CVSS
5.0
GHSA-255v-qv84-29p5 ✓ Reviewed HIGH

DragonFly's manager generates mTLS certificates for arbitrary IP addresses

Sep 17, 2025
Go
github.com/dragonflyoss/dragonfly
CVE-2025-59353
CVSS
7.5
GHSA-79hx-3fp8-hj66 ✓ Reviewed MODERATE

DragonFly vulnerable to arbitrary file read and write on a peer machine

Sep 17, 2025
Go
github.com/dragonflyoss/dragonfly
CVE-2025-59352
CVSS
5.0
GHSA-4mhv-8rh3-4ghw ✓ Reviewed MODERATE

DragonFly vulnerable to panics due to nil pointer dereference when using variables created alongside an error

Sep 17, 2025
Go
github.com/dragonflyoss/dragonfly
CVE-2025-59351
CVSS
5.0
GHSA-c2fc-9q9c-5486 ✓ Reviewed MODERATE

Dragonfly vulnerable to timing attacks against Proxy’s basic authentication

Sep 17, 2025
Go
github.com/dragonflyoss/dragonfly
CVE-2025-59350
CVSS
5.0
GHSA-m49c-g9wr-hv6v ✓ Reviewed CRITICAL

jinjava has Sandbox Bypass via JavaType-Based Deserialization

Sep 17, 2025
Maven
com.hubspot.jinjava:jinjava
CVE-2025-59340
CVSS
9.0
GHSA-8425-8r2f-mrv6 ✓ Reviewed LOW

Dragonfly's directories created via os.MkdirAll are not checked for permissions

Sep 17, 2025
Go
github.com/dragonflyoss/dragonfly
CVE-2025-59349
CVSS
2.5
GHSA-2qgr-gfvj-qpcr ✓ Reviewed MODERATE

Dragonfly incorrectly handles a task structure’s usedTrac field

Sep 17, 2025
Go
github.com/dragonflyoss/dragonfly
CVE-2025-59348
CVSS
5.0
GHSA-98x5-jw98-6c97 ✓ Reviewed MODERATE

Dragonfly's manager makes requests to external endpoints with disabled TLS authentication

Sep 17, 2025
Go
github.com/dragonflyoss/dragonfly
CVE-2025-59347
CVSS
5.0
GHSA-g2rq-jv54-wcpr ✓ Reviewed HIGH

Dragonfly vulnerable to server-side request forgery

Sep 17, 2025
Go
github.com/dragonflyoss/dragonfly
CVE-2025-59346
CVSS
7.5
GHSA-89vc-vf32-ch59 ✓ Reviewed HIGH

Dragonfly doesn't have authentication enabled for some Manager’s endpoints

Sep 17, 2025
Go
github.com/dragonflyoss/dragonfly
CVE-2025-59345
CVSS
7.5
GHSA-g2h5-cvvr-7gmw ✓ Reviewed MODERATE

esm.sh has arbitrary file write via path traversal in `X-Zone-Id` header

Sep 17, 2025
Go
github.com/esm-dev/esm.sh
CVE-2025-59342
CVSS
5.0
GHSA-49pv-gwxp-532r ✓ Reviewed HIGH

esm.sh has File Inclusion issue

Sep 17, 2025
Go
github.com/esm-dev/esm.sh
CVE-2025-59341
CVSS
7.5
GHSA-mxh5-f83r-vf79 ⚠ Unreviewed LOW

Sep 17, 2025
Unknown
Unknown
CVE-2025-35433
CVSS
2.5
GHSA-mg6x-3jw5-mh6j ⚠ Unreviewed MODERATE

Sep 17, 2025
Unknown
Unknown
CVE-2025-10600
CVSS
5.0