GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

406 advisories

Puppet Privilege Escalation Moderate
CVE-2012-1053 was published for puppet (RubyGems) May 14, 2022
Authlogic Information Exposure vulnerability Moderate
CVE-2012-6497 was published for authlogic (RubyGems) May 14, 2022
Phusion Passenger incorrect permission assignment Moderate
CVE-2018-12615 was published for passenger (RubyGems) May 13, 2022
Tarball permission preservation in puppet Moderate
CVE-2017-10689 was published for puppet (RubyGems) May 13, 2022
Logstash Logs Sensitive Information Moderate
CVE-2016-10362 was published for logstash-core (RubyGems) May 13, 2022
katello Improper Privilege Management vulnerability Moderate
CVE-2017-2662 was published for katello (RubyGems) May 13, 2022
katello SQL Injection vulnerability Moderate
CVE-2018-14623 was published for katello (RubyGems) May 13, 2022
Gem in a Box vulnerable to Cross-site Scripting Moderate
CVE-2017-14506 was published for geminabox (RubyGems) May 13, 2022
Phusion Passenger information disclosure Moderate
CVE-2017-16355 was published for passenger (RubyGems) May 13, 2022
Bootstrap vulnerable to Cross-Site Scripting (XSS) Moderate
CVE-2018-14040 was published for bootstrap (RubyGems) May 13, 2022
Camaleon CMS vulnerable to Stored Cross-site Scripting Moderate
CVE-2018-18260 was published for camaleon_cms (RubyGems) May 13, 2022
Bundler may install gems from a different source than expected Moderate
CVE-2013-0334 was published for bundler (RubyGems) May 5, 2022
Rack arbitrary code execution via timing attack Moderate
CVE-2013-0263 was published for rack (RubyGems) May 5, 2022
Rack vulnerable to Denial of Service Moderate
CVE-2013-0184 was published for rack (RubyGems) May 5, 2022
Features file injection vulnerability Moderate
CVE-2013-4318 was published for features (RubyGems) May 5, 2022
Nokogiri vulnerable to DoS while parsing XML documents Moderate
CVE-2013-6460 was published for nokogiri (RubyGems) May 5, 2022
Nokogiri vulnerable to DoS while parsing XML entities Moderate
CVE-2013-6461 was published for nokogiri (RubyGems) May 5, 2022
Mongrel vulnerable to directory traversal via double-encoded sequences Moderate
CVE-2007-6612 was published for mongrel (RubyGems) May 1, 2022
RubyGems file overwrite vulnerability Moderate
CVE-2007-0469 was published for rubygems-update (RubyGems) May 1, 2022
XSS Vulnerability in Action View tag helpers Moderate
CVE-2022-27777 was published for actionview (RubyGems) Apr 27, 2022
Cross-site Scripting Vulnerability in Action Pack Moderate
CVE-2022-22577 was published for actionpack (RubyGems) Apr 27, 2022
Cross site scripting in actionpack Rubygem Moderate
CVE-2011-1497 was published for actionpack (RubyGems) Apr 22, 2022
XML Injection in Xerces Java affects Nokogiri Moderate
GHSA-xxx9-3xcr-gjj3 was published for nokogiri (RubyGems) Apr 11, 2022
Improper one time password handling in devise-two-factor Moderate
CVE-2021-43177 was published for devise-two-factor (RubyGems) Apr 7, 2022
Buffer Overflow in yajl-ruby Moderate
CVE-2022-24795 was published for yajl-ruby (RubyGems) Apr 5, 2022
ProTip! Advisories are also available from the GraphQL API