Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

11 advisories

Loading
motionEye: LFI → pass‑the‑hash admin → unsafe restore → unauth action exec (RCE) Critical
GHSA-qxvg-h7q2-hcxh was published for motioneye (pip) Jun 23, 2026
C4spr0x1A Credited to C4spr0x1A and MichaIng MichaIng MichaIng
Authlib JWS JWK Header Injection: Signature Verification Bypass Critical
CVE-2026-27962 was published for authlib (pip) Mar 16, 2026
Jaynornj Credited to Jaynornj and Pr00fOf3xpl0it Pr00fOf3xpl0it Pr00fOf3xpl0it
dcap-qvl has Missing Verification for QE Identity Critical
CVE-2026-22696 was published for @phala/dcap-qvl (npm) Jan 26, 2026
rfc3161-client has insufficient verification for timestamp response signatures Critical
CVE-2025-52556 was published for rfc3161-client (pip) Jun 20, 2025
jku Credited to jku and woodruffw woodruffw woodruffw
LTI JupyterHub Authenticator does not properly validate JWT Signature Critical
CVE-2023-25574 was published for jupyterhub-ltiauthenticator (pip) Feb 25, 2025
consideRatio Credited to consideRatio
Hyperledger Aries Cloud Agent Python result of presentation verification not checked for LDP-VC Critical
CVE-2024-21669 was published for aries-cloudagent (pip) Jan 9, 2024
dbluhm Credited to dbluhm
acryl-datahub missing JWT signature check Critical
CVE-2022-39366 was published for acryl-datahub (pip) Oct 31, 2022
artsploit Credited to artsploit, pwntester, sylwia-budzynska, p-, Kwstubbs, and jorgectf pwntester pwntester
sylwia-budzynska sylwia-budzynska p- p- Kwstubbs Kwstubbs jorgectf jorgectf
Improper Verification of Cryptographic Signature in starkbank-ecdsa Critical
CVE-2021-43572 was published for starkbank-ecdsa (pip) Nov 10, 2021
Incorrect threshold signature computation in TUF Critical
CVE-2020-6174 was published for tuf (pip) Aug 21, 2020
Improper Verification of Cryptographic Signature in Pure-Python ECDSA Critical
CVE-2019-14859 was published for ecdsa (pip) Apr 1, 2020
Improper Verification of Cryptographic Signature in django-rest-registration Critical
CVE-2019-13177 was published for django-rest-registration (pip) Jul 2, 2019
peterthomassen Credited to peterthomassen
ProTip! Advisories are also available from the GraphQL API