GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,262
Erlang
31
GitHub Actions
21
Go
2,024
Maven
5,000+
npm
3,731
NuGet
662
pip
3,407
Pub
12
RubyGems
891
Rust
864
Swift
36
Unreviewed advisories
All unreviewed
5,000+
1,013 advisories
Filter by severity
Access Restriction Bypass in kube-apiserver
Moderate
CVE-2021-25735
was published
for
k8s.io/kubernetes
(Go)
May 28, 2021
Unsafe Merging of CORS Configuration Conflict in hapi
Moderate
CVE-2015-9243
was published
for
hapi
(npm)
Sep 1, 2020
Incorrect Access Control vulnerability in api-platform/core
Moderate
CVE-2019-1000011
was published
for
api-platform/core
(Composer)
Oct 14, 2019
Authentication Bypass in Devise
Moderate
CVE-2019-16109
was published
for
devise
(RubyGems)
Sep 11, 2019
Moderate severity vulnerability that affects org.keycloak:keycloak-core
Moderate
CVE-2016-8629
was published
for
org.keycloak:keycloak-core
(Maven)
Oct 18, 2018
Incorrect handling of CORS preflight request headers in hapi
Moderate
CVE-2015-9236
was published
for
hapi
(npm)
Jun 7, 2018
Action Pack contains database-query restrictions bypass
Moderate
CVE-2012-2660
was published
for
actionpack
(RubyGems)
Oct 24, 2017
Active Record allows bypassing of database-query restrictions
Moderate
CVE-2013-0155
was published
for
activerecord
(RubyGems)
Oct 24, 2017
ActiveRecord vulnerable to modification of protected model attributes
Moderate
CVE-2013-0276
was published
for
activerecord
(RubyGems)
Oct 24, 2017
Web Console (Ruby gem) contains whitelisted_ips bypass
Moderate
CVE-2015-3224
was published
for
web-console
(RubyGems)
Oct 24, 2017
Active Record Improper Access Control
Moderate
CVE-2015-7577
was published
for
activerecord
(RubyGems)
Oct 24, 2017
actionpack allows bypass of database-query restrictions
Moderate
CVE-2013-6417
was published
for
actionpack
(RubyGems)
Oct 24, 2017
ProTip!
Advisories are also available from the
GraphQL API