Security Advisories · google/security-research · GitHub

Security Advisories

View known security vulnerabilities and report new vulnerabilities privately to maintainers.

Report a vulnerability

LibRaw: Out of bounds write in LibRaw::pana_data
GHSA-3m8c-vvxw-r44w published Oct 22, 2024 by rcorrea35

High
LibRaw: Uninitialized memory disclosure via LibRaw_buffer_datastream::read
GHSA-cmhf-chvw-6c7j published Oct 22, 2024 by rcorrea35

High
OpenTelemetry: AWS Firehose Receiver Vulnerability
GHSA-q9wq-xc9h-xrw9 published Oct 1, 2024 by rcorrea35

Moderate
Eaton: Hardcoded SSH root password in XC-303 firmware
GHSA-xf7j-4x67-6h93 published Sep 13, 2024 by rcorrea35

Critical
Pi-hole: Web Authentication ByPass
GHSA-3658-w6j3-w42r published Sep 6, 2024 by rcorrea35

High
Lightdash - Stored Cross-Site Scripting
GHSA-6529-6jv3-66q2 published Aug 29, 2024 by rcorrea35

High
Lightdash - Server-Side Request Forgery Session Takeover
GHSA-4h7x-6vxh-7hjf published Aug 29, 2024 by rcorrea35

High
TurboMeeting: Post-Authentication Command Injection
GHSA-gx6g-8mvx-3q5c published Jul 24, 2024 by rcorrea35

High
TurboMeeting: Insecure Password Reset Mechanism
GHSA-c84v-4pjw-4mh2 published Jul 24, 2024 by rcorrea35

High
TurboMeeting: Boolean-based SQL Injection
GHSA-vx5j-8pgx-v42v published Jul 24, 2024 by rcorrea35

Critical