Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

1,013 advisories

Loading
Access Restriction Bypass in kube-apiserver Moderate
CVE-2021-25735 was published for k8s.io/kubernetes (Go) May 28, 2021
jhutchings1
Unsafe Merging of CORS Configuration Conflict in hapi Moderate
CVE-2015-9243 was published for hapi (npm) Sep 1, 2020
Incorrect Access Control vulnerability in api-platform/core Moderate
CVE-2019-1000011 was published for api-platform/core (Composer) Oct 14, 2019
Authentication Bypass in Devise Moderate
CVE-2019-16109 was published for devise (RubyGems) Sep 11, 2019
Moderate severity vulnerability that affects org.keycloak:keycloak-core Moderate
CVE-2016-8629 was published for org.keycloak:keycloak-core (Maven) Oct 18, 2018
Incorrect handling of CORS preflight request headers in hapi Moderate
CVE-2015-9236 was published for hapi (npm) Jun 7, 2018
Action Pack contains database-query restrictions bypass Moderate
CVE-2012-2660 was published for actionpack (RubyGems) Oct 24, 2017
Active Record allows bypassing of database-query restrictions Moderate
CVE-2013-0155 was published for activerecord (RubyGems) Oct 24, 2017
ActiveRecord vulnerable to modification of protected model attributes Moderate
CVE-2013-0276 was published for activerecord (RubyGems) Oct 24, 2017
Web Console (Ruby gem) contains whitelisted_ips bypass Moderate
CVE-2015-3224 was published for web-console (RubyGems) Oct 24, 2017
CORS Token Disclosure in crumb Moderate
CVE-2014-7193 was published for crumb (npm) Oct 24, 2017
Active Record Improper Access Control Moderate
CVE-2015-7577 was published for activerecord (RubyGems) Oct 24, 2017
actionpack allows bypass of database-query restrictions Moderate
CVE-2013-6417 was published for actionpack (RubyGems) Oct 24, 2017
ProTip! Advisories are also available from the GraphQL API