Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Security Intel Hub 354— Search: GHSA×

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Clear
Examples: RCE · SSRF · GHSA · log4j
Filter
gitroomhq/postie-app Security Fixes: GHSA-88wq-w2cw-7v44 & GHSA-w6vh-v53j-g589
github.com · 2026-04-03

### Vulnerability Key Information Summary **Vulnerability Overview** * **Project Name**: `gitroomhq/postie-app` * **Release Type**: Security Fixes * **Affected Vulnerabilities**: * `GHSA-88wq-w2cw-7v4…

Read more
Premium intel
CVSS 8.8
GitPython 3.1.47 Security Release: Fixes for GHSA-rpm5-65cw-6h4 and GHSA-x2qx-6953-8485
github.com · 2026-05-08

### Vulnerability Overview - **Version**: 3.1.47 - **Release Date**: 2 weeks ago - **Main Updates**: Includes security fixes ### Scope of Impact - **GHSA-rpm5-65cw-6h4**: Affects certain functionaliti…

Read more
CVSS 4.5
Vim heap-buffer-overflow fix in ins_typebuf (GHSA-4ghr-c62x-cqfh)
github.com · 2024-08-28

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability ID**: GHSA-4ghr-c62x-cqfh 2. **Issue Description**: heap-buffer-overflow in `ins…

Read more
CVSS 8.1
Rucio WebUI Security Fixes: Username Enumeration & Stored XSS (GHSA-38wq, GHSA-h79m, etc.)
github.com · 2026-02-26

### Rucio 39.3.1 Patch Release This release addresses several security-relevant issues in the (legacy) Rucio Web UI: - **GHSA-38wq-6q2w-hcf9**: Username Enumeration via Login Error Message in Rucio We…

Read more
CVSS 3.1
Jetty PushSessionCacheFilter Remote DoS Vulnerability (GHSA-r7m4-f9h5-gr79)
github.com · 2024-10-16

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Name**: PushSessionCacheFilter can cause remote DoS attacks 2. **Publisher**: jo…

Read more
CVSS 7.5
Magick.NET 14.10.3 Security Update: Fixes Heap Overflow, DoS, and Policy Bypass Vulnerabilities
github.com · 2026-02-24

Thinking Process: 1. **Analyze the Request:** * **Task:** Translate a Chinese vulnerability intelligence summary to English. * **Role:** Professional translator specializing in cybersecurity. * **Cons…

Read more
Premium intel
CVSS 9.1
VRCX VR Overlay RCE via XSS and CefSharp Over-permission (GHSA-j98g-mgjm-wqph)
github.com · 2024-08-10

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Name**: VR Overlay RCE 2. **Severity**: Critical 3. **Publisher**: Natsumi-sama …

Read more
Premium intel
CVSS 7.4
Asterisk Originate Manager Action Privilege Escalation Fix (GHSA-c4cg-9275-6w44)
github.com · 2024-08-10

From this webpage screenshot, we can extract the following key information about the vulnerability: 1. **Code Changes**: - File: `main/manager.c` - Lines changed: 161 - Lines added: 141 - Lines delete…

Read more
Premium intel
CVSS 7.4
Asterisk Originate Manager Action Privilege Escalation Fix (GHSA-c4cg-9275-6w44)
github.com · 2024-08-10

From this webpage screenshot, we can extract the following key information about the vulnerability: 1. **Code Changes**: - File: `main/manager.c` - Lines changed: 161 - Lines added: 141 - Lines delete…

Read more
CVSS 6.4
AWS CDK RestApi Construct Authenticated User Access Bypass (GHSA-qj85-69xf-2vxq)
github.com · 2024-08-29

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Description**: - **Vulnerability Name**: AWS CDK RestApi Construct: Authenticate…

Read more
CVSS 3.6
runc Race Condition Vulnerability (GHSA-jfvp-7x6p-h2pv) Creates Empty Host Files
github.com · 2024-09-05

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Description**: - **Vulnerability Name**: runc can be tricked into creating empty…

Read more
CVSS 4.9
Metal3 Fix: Restrict Secret Fetching to Host Namespace (GHSA-pqfh-xh7w-7h3p)
github.com · 2024-09-05

From this webpage screenshot, we can extract the following key information about the vulnerability: 1. **Code Changes**: - Changes were made in the files `controllers/metal3.io/baremetalhost_controlle…

Read more
CVSS 5.7
Asterisk libunbound NULL Pointer Crash Fix in DNS Resolution (GHSA-v428-g3cw-7hv9)
github.com · 2024-09-07

From this webpage screenshot, we can extract the following key information about the vulnerability: 1. **Vulnerability Description**: - **Title**: `res_resolver_unbound: Test for NULL ub_result in unb…

Read more
CVSS 5.7
FreeSWITCH libunbound NULL Pointer Dereference Fix (GHSA-v428-g3cw-7hv9)
github.com · 2024-09-07

From this webpage screenshot, we can extract the following key information about the vulnerability: 1. **Vulnerability Description**: - **Title**: `res_resolver_unbound: Test for NULL ub_result in unb…

Read more
CVSS 8.3
external-secrets Privilege Escalation via ClusterRole Misconfiguration (GHSA-qwgc-rr35-h4x9)
github.com · 2024-09-10

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Description**: - **Vulnerability Name**: A potential risk of external-secrets wh…

Read more
CVSS 8.8
Bareos Command ACL Circumvention via Abbreviation (GHSA-jfww-q346-r2r8)
github.com · 2024-09-11

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Description**: - **Vulnerability Name**: Negative command ACLs can be circumvent…

Read more
CVSS 6.5
Sunshine GHSA-jqph-8cp5-g874 Incorrect state management during pairing
github.com · 2024-09-11

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Description**: - **Vulnerability Name**: Incorrect state management during pairi…

Read more
CVSS 6.4
CVAT GHSA-p3c9-m7jr-jxxj Missing Authorization for Webhook Endpoints
github.com · 2024-09-11

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Description**: - **Vulnerability Name**: Missing authorization for endpoints rel…

Read more
CVSS 7.4
Directus GHSA-cff8-x7jv-4fm8: Unauth Credential Cache via OpenID/OAuth2
github.com · 2024-09-12

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Description**: - **Vulnerability Name**: Session is cached for OpenID and OAuth2…

Read more
CVSS 5.8
Signature Validation Bypass in whatsapp-api-js (GHSA-mwhf-vhr5-7j23)
github.com · 2024-09-14

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Description**: - **Name**: Failure to validate message's signature - **Publisher…

Read more

All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.

Want a specific source covered? Email us — we add new feeds weekly.