GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

111,078 advisories

Phusion Passenger Denial of Service Moderate
CVE-2013-2119 was published for passenger (RubyGems) Oct 24, 2017
RDoc contains XSS vulnerability Moderate
CVE-2013-0256 was published for rdoc (RubyGems) Oct 24, 2017
Script Injection in Show In Browser gem Moderate
CVE-2013-2105 was published for show_in_browser (RubyGems) Oct 24, 2017
actionpack and activesupport vulnerable to information leaks Moderate
CVE-2009-3086 was published for actionpack (RubyGems) Oct 24, 2017
activesupport Cross-site Scripting vulnerability Moderate
CVE-2012-1098 was published for activesupport (RubyGems) Oct 24, 2017
actionpack Improper Input Validation vulnerability Moderate
CVE-2011-3187 was published for actionpack (RubyGems) Oct 24, 2017
activesupport Cross-site Scripting vulnerability Moderate
CVE-2011-2932 was published for activesupport (RubyGems) Oct 24, 2017
actionpack Improper Input Validation vulnerability Moderate
CVE-2011-2929 was published for actionpack (RubyGems) Oct 24, 2017
actionpack Cross-site Scripting vulnerability Moderate
CVE-2011-2931 was published for actionpack (RubyGems) Oct 24, 2017
actionpack Improper Authentication vulnerability Moderate
CVE-2012-3424 was published for actionpack (RubyGems) Oct 24, 2017
WEBrick Improper Input Validation vulnerability Moderate
CVE-2009-4492 was published for webrick (RubyGems) Oct 24, 2017
Action Pack contains database-query restrictions bypass Moderate
CVE-2012-2660 was published for actionpack (RubyGems) Oct 24, 2017
session fixation protection mechanism in cgi_process.rb in Rails Moderate
CVE-2007-6077 was published for rails (RubyGems) Oct 24, 2017
rails is vulnerable to CRLF injection Moderate
CVE-2008-5189 was published for rails (RubyGems) Oct 24, 2017
Cross-site Scripting in jquery-ui Moderate
CVE-2010-5312 was published for jQuery.UI.Combined (RubyGems) Oct 24, 2017
Cross-site Scripting in actionpack Moderate
CVE-2012-1099 was published for actionpack (RubyGems) Oct 24, 2017
Moderate severity vulnerability that affects rails Moderate
CVE-2007-3227 was published for rails (RubyGems) Oct 24, 2017
Rails actionpack gem vulnerable to Cross-site Scripting Moderate
CVE-2011-0446 was published for actionpack (RubyGems) Oct 24, 2017
Moderate severity vulnerability that affects rails Moderate
CVE-2009-4214 was published for rails (RubyGems) Oct 24, 2017
Moderate severity vulnerability that affects rails Moderate
CVE-2007-5379 was published for rails (RubyGems) Oct 24, 2017
Session fixation vulnerability in Rails Moderate
CVE-2007-5380 was published for rails (RubyGems) Oct 24, 2017
Mail Improper Input Validation vulnerability Moderate
CVE-2011-0739 was published for mail (RubyGems) Oct 24, 2017
gtk2 vulnerable to Use of Externally-Controlled Format String Moderate
CVE-2007-6183 was published for gtk2 (RubyGems) Oct 24, 2017
Active Record vulnerable to SQL Injection via nested query parameters Moderate
CVE-2012-2661 was published for activerecord (RubyGems) Oct 24, 2017