GitHub Security Advisories (GHSA) are authoritative notices for vulnerable open-source packages and ecosystems (for example npm, PyPI, or Maven), usually with a linked CVE. Use the search box to find a GHSA or CVE, narrow by ecosystem or severity, or match phrases in the summary.
| GHSA | CVE | Severity | Type | Summary | Published |
|---|---|---|---|---|---|
| GHSA-c4fr-5qh5-c6fh | CVE-2026-56455 | medium | unreviewed | HCL DFXAnalytics is affected by a Buffer Overflow vulnerability that can lead to a Denial of... | 2026-07-16 15:33:11 UTC |
| GHSA-c44q-ff9x-p4wj | CVE-2026-56453 | medium | unreviewed | HCL DFXAnalytics is affected by an Account Takeover via Response Manipulation vulnerability. A... | 2026-07-16 15:33:11 UTC |
| GHSA-4m7f-pc5f-972q | CVE-2026-35145 | low | unreviewed | HCL DFXAnalytics is affected by a Missing HTTP Strict-Transport-Security Header vulnerability.... | 2026-07-16 15:33:11 UTC |
| GHSA-4h8f-jwxw-9996 | CVE-2026-56454 | medium | unreviewed | HCL DFXAnalytics is affected by a Deprecated Protocol vulnerability due to the use of TLS 1.0 and... | 2026-07-16 15:33:11 UTC |
| GHSA-493w-xg7v-8gmv | CVE-2026-56456 | medium | unreviewed | HCL DFXAnalytics is affected by an Internal File Path Disclosure vulnerability. The application... | 2026-07-16 15:33:11 UTC |
| GHSA-xxvx-4jh7-w294 | CVE-2026-35142 | low | unreviewed | HCL DFXAnalytics is affected by an Internal IP Address Disclosure vulnerability. The application... | 2026-07-16 15:33:10 UTC |
| GHSA-whf7-7mxf-ww93 | CVE-2026-12391 | medium | unreviewed | An insecure symlink following vulnerability exists in Canonical ubuntu-pro-client (formerly... | 2026-07-16 15:33:10 UTC |
| GHSA-m9fr-x8w8-9mm4 | CVE-2026-35143 | low | unreviewed | HCL DFXAnalytics is affected by a Missing SameSite Attribute vulnerability. The application fails... | 2026-07-16 15:33:10 UTC |
| GHSA-jrxj-9mhw-55wc | CVE-2026-63305 | critical | unreviewed | AVideo through 29.0 contains an OS command injection vulnerability in the ffmpeg.json.php... | 2026-07-16 15:33:10 UTC |
| GHSA-jjpq-qx77-qjwj | CVE-2026-63304 | critical | unreviewed | AVideo through 29.0 contains an OS command injection vulnerability in plugin/API/standAlone... | 2026-07-16 15:33:10 UTC |
| GHSA-j5jq-jcvc-gxxc | CVE-2026-63306 | critical | unreviewed | stoatchat before 0.13.5 contains an unauthenticated server-side request forgery vulnerability in... | 2026-07-16 15:33:10 UTC |
| GHSA-c2j4-gprf-37xq | CVE-2026-35140 | low | unreviewed | HCL DFXAnalytics is affected by a Missing Secure Attribute in Encrypted Session (SSL) Cookie... | 2026-07-16 15:33:10 UTC |
| GHSA-9hv3-3cv6-jrx3 | CVE-2025-71388 | high | unreviewed | stoatchat (delta/Revolt) versions from 20241213-1 before 20250210-1 allow users with only... | 2026-07-16 15:33:10 UTC |
| GHSA-9836-vm3x-qwmj | CVE-2026-11386 | critical | unreviewed | An input validation and injection vulnerability exists in Canonical ubuntu-pro-client (formerly... | 2026-07-16 15:33:10 UTC |
| GHSA-4m5m-x42p-vrwg | CVE-2026-9494 | medium | unreviewed | An information disclosure vulnerability exists in Canonical ubuntu-pro-client (formerly ubuntu... | 2026-07-16 15:33:10 UTC |
| GHSA-3252-v85m-5fq8 | CVE-2026-35141 | low | unreviewed | HCL DFXAnalytics is affected by a Login Replay Attack vulnerability. The application allows a... | 2026-07-16 15:33:10 UTC |
| GHSA-x85w-r7mc-2chj | CVE-2024-58360 | medium | unreviewed | stoatchat versions before 0.7.8 fail to enforce account creation restrictions including invite... | 2026-07-16 15:33:09 UTC |
| GHSA-6j45-2pq3-r728 | CVE-2025-71377 | high | unreviewed | stoatchat (delta) versions before 20250210-1 (0.8.2) contain a logic error in the query messages... | 2026-07-16 15:33:09 UTC |
| GHSA-8539-9p7j-q3gf | CVE-2026-35149 | high | unreviewed | HCL DFXServer is affected by an Authentication Bypass vulnerability via server response... | 2026-07-16 12:32:29 UTC |
| GHSA-3rj8-qrpc-rrvr | CVE-2026-35148 | medium | unreviewed | HCL DFXServer is affected by a Missing Access Control vulnerability. This vulnerability states... | 2026-07-16 12:32:29 UTC |