GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 19,726
Composer 4,023
Erlang 29
GitHub Actions 16
Go 1,830
Maven 5,045
npm 3,573
NuGet 632
pip 3,156
Pub 10
RubyGems 847
Rust 796
Swift 34

Unreviewed advisories

All unreviewed 224,688

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

401 advisories

Filter by severity

Sort by

Least recently updated

Bootstrap vulnerable to Cross-Site Scripting (XSS) Moderate

CVE-2018-14040 was published for bootstrap (RubyGems) May 13, 2022

Bootstrap Cross-Site Scripting (XSS) vulnerability Moderate

CVE-2024-6531 was published for bootstrap (RubyGems) Jul 11, 2024

Bootstrap Cross-Site Scripting (XSS) vulnerability Moderate

CVE-2024-6484 was published for bootstrap (RubyGems) Jul 11, 2024

bootstrap Cross-site Scripting vulnerability Moderate

CVE-2018-20677 was published for bootstrap (RubyGems) Jan 17, 2019

Bootstrap Cross-site Scripting vulnerability Moderate

CVE-2018-14042 was published for bootstrap (RubyGems) Sep 13, 2018

Bootstrap Cross-site Scripting vulnerability Moderate

CVE-2016-10735 was published for bootstrap (RubyGems) Jan 17, 2019

XSS vulnerability that affects bootstrap Moderate

CVE-2018-20676 was published for bootstrap (RubyGems) Jan 17, 2019

REXML denial of service vulnerability Moderate

CVE-2024-39908 was published for rexml (RubyGems) Jul 16, 2024

REXML DoS vulnerability Moderate

CVE-2024-41946 was published for rexml (RubyGems) Aug 2, 2024

REXML DoS vulnerability Moderate

CVE-2024-41123 was published for rexml (RubyGems) Aug 1, 2024

Bootstrap Cross-site Scripting vulnerability Moderate

CVE-2018-14041 was published for bootstrap (RubyGems) Sep 13, 2018

Bootstrap Vulnerable to Cross-Site Scripting Moderate

CVE-2019-8331 was published for Bootstrap.Less (RubyGems) Feb 22, 2019

RailsAdmin Cross-site Scripting vulnerability in the list view Moderate

CVE-2024-39308 was published for rails_admin (RubyGems) Jul 8, 2024

Decidim vulnerable to data disclosure through the embed feature Moderate

CVE-2024-27090 was published for decidim (RubyGems) Jul 10, 2024

Decidim cross-site scripting (XSS) in the admin panel Moderate

CVE-2024-27095 was published for decidim-admin (RubyGems) Jul 10, 2024

REXML contains a denial of service vulnerability Moderate

CVE-2024-35176 was published for rexml (RubyGems) May 16, 2024

Rack ReDoS Vulnerability in HTTP Accept Headers Parsing Moderate

CVE-2024-39316 was published for rack (RubyGems) Jul 3, 2024

Rack vulnerable to ReDoS in content type parsing (2nd degree polynomial) Moderate

CVE-2024-25126 was published for rack (RubyGems) Feb 28, 2024

Rails has possible XSS Vulnerability in Action Controller Moderate

CVE-2024-26143 was published for actionpack (RubyGems) Feb 27, 2024

Rails has possible Sensitive Session Information Leak in Active Storage Moderate

CVE-2024-26144 was published for activestorage (RubyGems) Feb 27, 2024

ActionText ContentAttachment can Contain Unsanitized HTML Moderate

CVE-2024-32464 was published for actiontext (RubyGems) Jun 4, 2024

Missing security headers in Action Pack on non-HTML responses Moderate

CVE-2024-28103 was published for actionpack (RubyGems) Jun 4, 2024

Trix Editor Arbitrary Code Execution Vulnerability Moderate

CVE-2024-34341 was published for actiontext (RubyGems) May 7, 2024

Kaminari Insecure File Permissions Vulnerability Moderate

CVE-2024-32978 was published for kaminari (RubyGems) May 28, 2024

pubnub Insufficient Entropy vulnerability Moderate

CVE-2023-26154 was published for Pubnub (RubyGems) Dec 6, 2023

Previous 1 2 3 4 5 … 16 17 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

401 advisories