Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Security Intel Hub 330— Search: GHSA×

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Clear
Examples: RCE · SSRF · GHSA · log4j
Plane SSRF via /_next/image (GHSA-39gx-38xf-c348)
github.com · 2024-10-12

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Description**: - **Title**: Server side request forgery via /_next/image endpoin…

Read more
Wasmtime GHSA-q8hx-mm92-4wvg DoS via tail calls and stack traces
github.com · 2024-10-12

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Description**: - **Vulnerability Name**: Runtime crash when combining tail calls…

Read more
Tuleap GHSA-9fc9-47h6-82jj HTML Mail Content XSS Vulnerability
github.com · 2024-10-16

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Name**: XSS in the HTML mail content of the cross reference field 2. **Publisher…

Read more
Tuleap GHSA-g76g-hc92-96xw Improper Privilege Check Vulnerability Advisory
github.com · 2024-10-16

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Description**: - **Vulnerability Name**: Incorrect permission check for tracker …

Read more
Tuleap GHSA-j342-v27q Unauthorized Tracker Access
github.com · 2024-10-16

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Description**: - **Vulnerability Name**: Trackers are listed in the quick add ac…

Read more
Zephyr OS Bluetooth OTS Missing Buffer Length Check Vulnerability (GHSA-qj4r-chj6-h7qp)
github.com · 2024-10-07

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Description**: - **Package Name**: zephyr - **Vulnerability Name**: Bluetooth: o…

Read more
GHSA-3ggq-wrf4-c88v: LoadLogic/LoadZilla IAM Privilege Escalation Vulnerability
github.com · 2024-10-02

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Description**: - **Vulnerability Name**: Potential risk in the LoadLogic and Loa…

Read more
Parse Server GHSA-8xq9-g7ch-35hg Fix: Custom Object ID Privilege Escalation
github.com · 2024-10-07

From this webpage screenshot, we can extract the following key information about the vulnerability: 1. **Vulnerability Description**: - **Title**: `fix: Custom object ID allows to acquire role privile…

Read more
PhpSpreadsheet XLSX SSRF and Absolute Path Traversal via php://filter (GHSA-5gpr-w2p5-6m37)
github.com · 2024-10-09

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Description**: - **Vulnerability Name**: Absolute path traversal and Server-Side…

Read more
Insufficient output escaping of attachment names (GHSA-f7hx-fqzw-rvvi)
github.com · 2024-10-01

From this webpage screenshot, the following key vulnerability information can be extracted: 1. **Vulnerability Description**: - **Title**: Insufficient output escaping of attachment names - **Descript…

Read more
ZITADEL Service Account Deactivation Bypass Vulnerability (GHSA-qr2h-7pwm-h393) Advisory
github.com · 2024-09-21

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Description**: - **Vulnerability Name**: Service Users Deactivation not Working …

Read more
ZITADEL User Grant Deactivation Failure Vulnerability (GHSA-2w5j-qfvw-2hf5/CVE-2024-46999)
github.com · 2024-09-21

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Description**: - **Vulnerability Name**: User Grant Deactivation not Working - *…

Read more
GHSA-3x45-2m34-x95v: Open Redirect on Login via next Parameter
github.com · 2024-10-01

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Description**: - **Title**: Open Redirect on Login via `next` - **Publisher**: n…

Read more
GHSA-948g-2vm7-mfv7: Path Traversal Vulnerability Allows Unauthenticated Data Read
github.com · 2024-10-07

From this webpage screenshot, the following key vulnerability information can be obtained: 1. **Vulnerability Description**: - **Title**: Path Traversal (unauthenticated user can read sensitive data) …

Read more
Vim Buffer Use-After-Free Vulnerability Fix (GHSA-rj48-v4mq-j4vg)
github.com · 2024-10-09

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Description**: - **Issue**: [security]: use-after-free when closing a buffer - *…

Read more
Miraheze Special:RequestWikiQueue Stored XSS Vulnerability (GHSA-h527-jh77-5g7j)
github.com · 2024-10-09

From this webpage screenshot, the following key vulnerability information can be obtained: 1. **Vulnerability Description**: - **Name**: XSS in Special:RequestWikiQueue when displaying sitename - **Se…

Read more
XWiki GHSA-r95w-889q-x2gx Notification Filter Permission Bypass
github.com · 2024-09-20

### Key Information 1. **Vulnerability Description**: - **Vulnerability Name**: Missing checks for notification filter preferences editions - **Vulnerability ID**: GHSA-r95w-889q-x2gx - **Release Date…

Read more
Contao Insert Tag Injection via Canonical URLs (GHSA-2xpq-xp6c-5mgj) Advisory
github.com · 2024-09-19

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Name**: Insert tag injection via canonical URLs 2. **Severity**: Moderate (5.3 /…

Read more
GHSA-cp65-5m9r-vc2c: Path Traversal allowing Arbitrary File Read
github.com · 2024-09-20

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Name**: Arbitrary path traversal (GHSL-2024-183) 2. **Publisher**: owen2345 3. *…

Read more
Rails GHSA-9hf4-67fc-4vf4: Header Normalization Allows Client to Clobber Proxy Headers
github.com · 2024-09-21

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Description**: - **Title**: Header normalization allows for client to clobber pr…

Read more

All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.

Want a specific source covered? Email us — we add new feeds weekly.