GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 19,726
Composer 4,023
Erlang 29
GitHub Actions 16
Go 1,830
Maven 5,045
npm 3,573
NuGet 632
pip 3,156
Pub 10
RubyGems 847
Rust 796
Swift 34

Unreviewed advisories

All unreviewed 224,688

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

401 advisories

Filter by severity

Sort by

Least recently updated

Publify has Improper Access Controls Moderate

CVE-2022-1810 was published for publify_core (RubyGems) May 24, 2022

openshift-origin-node Improper Input Validation vulnerability Moderate

CVE-2014-0084 was published for openshift-origin-node (RubyGems) May 17, 2022

Spree does not properly restrict the use of a hash to provide values for a model's attributes Moderate

CVE-2008-7310 was published for spree (RubyGems) May 17, 2022

Spree uses a hardcoded hash value Moderate

CVE-2008-7311 was published for spree (RubyGems) May 17, 2022

Chef Improper Access Control vulnerability Moderate

CVE-2010-5142 was published for chef (RubyGems) May 17, 2022

spree_auth_devise allows remote authenticated users to assign themselves arbitrary roles Moderate

CVE-2013-2506 was published for spree_auth_devise (RubyGems) May 17, 2022

Rack-Cache caches sensitive headers Moderate

CVE-2012-2671 was published for rack-cache (RubyGems) May 17, 2022

Rack Gem Subject to Denial of Service via Hash Collisions Moderate

CVE-2011-5036 was published for org.jruby:jruby-parent (RubyGems) May 17, 2022

Sup Code Injection vulnerability Moderate

CVE-2013-4478 was published for sup (RubyGems) May 17, 2022

Fat Free CRM has fixed token value Moderate

CVE-2013-7222 was published for fat_free_crm (RubyGems) May 17, 2022

Fat Free CRM vulnerable to SQL Injection Moderate

CVE-2013-7225 was published for fat_free_crm (RubyGems) May 17, 2022

Fat Free CRM vulnerable to Exposure of Sensitive Information Moderate

CVE-2013-7249 was published for fat_free_crm (RubyGems) May 17, 2022

Fat Free CRM contains Cross-site Request Forgery vulnerablilities Moderate

CVE-2013-7223 was published for fat_free_crm (RubyGems) May 17, 2022

Fat Free CRM allows remote attackers to obtain sensitive information via a direct request Moderate

CVE-2013-7224 was published for fat_free_crm (RubyGems) May 17, 2022

RubyGems HTTPS to HTTP redirect Moderate

CVE-2012-2125 was published for rubygems-update (RubyGems) May 17, 2022

RubyGems does not verify SSL certificate Moderate

CVE-2012-2126 was published for rubygems-update (RubyGems) May 17, 2022

GitLab Grit Gem for Ruby contains a flaw allowing arbitrary commands to be executed Moderate

CVE-2013-4489 was published for gitlab-grit (RubyGems) May 17, 2022

Fat Free CRM subject to Cross-site Scripting Moderate

CVE-2014-5441 was published for fat_free_crm (RubyGems) May 17, 2022

Sup Code Injection vulnerability Moderate

CVE-2013-4479 was published for sup (RubyGems) May 17, 2022

ccsv Double Free vulnerability Moderate

CVE-2017-15364 was published for ccsv (RubyGems) May 17, 2022

RubyGems Regular Expression Denial of Service Moderate

CVE-2013-4363 was published for rubygems-update (RubyGems) May 17, 2022

RubyGems Improper Input Validation vulnerability Moderate

CVE-2015-4020 was published for rubygems-update (RubyGems) May 17, 2022

Publify exposes article metadata Moderate

CVE-2022-1553 was published for publify_core (RubyGems) May 17, 2022

Publify vulnerable to code injection Moderate

CVE-2022-0578 was published for publify_core (RubyGems) May 17, 2022

Publify Incorrect Authorization Moderate

CVE-2022-0574 was published for publify_core (RubyGems) May 17, 2022

Previous 1 2 3 4 5 6 7 … 16 17 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

401 advisories