Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,360
Erlang
33
GitHub Actions
22
Go
2,127
Maven
5,000+
npm
3,793
NuGet
683
pip
3,471
Pub
12
RubyGems
894
Rust
894
Swift
38
Unreviewed advisories
All unreviewed
5,000+

9 advisories

Loading
Excessive Iteration in gRPC High
CVE-2023-33953 was published for grpc (RubyGems) Aug 9, 2023
levpachmanov
Cross site scripting in actionpack Rubygem Moderate
CVE-2011-1497 was published for actionpack (RubyGems) Apr 22, 2022
jhutchings1 jasnow
levpachmanov
activerecord vulnerable to SQL Injection High
CVE-2012-2695 was published for activerecord (RubyGems) Oct 24, 2017
levpachmanov
actionpack allows remote attackers to bypass database-query restrictions, perform NULL checks via crafted request Moderate
CVE-2012-2694 was published for actionpack (RubyGems) Oct 24, 2017
levpachmanov
actionpack Improper Authentication vulnerability Moderate
CVE-2012-3424 was published for actionpack (RubyGems) Oct 24, 2017
ShayAry levpachmanov
Action Pack contains database-query restrictions bypass Moderate
CVE-2012-2660 was published for actionpack (RubyGems) Oct 24, 2017
levpachmanov
Active Record contains SQL Injection High
CVE-2012-6496 was published for activerecord (RubyGems) Oct 24, 2017
levpachmanov
activesupport Cross-site Scripting vulnerability Moderate
CVE-2012-3464 was published for activesupport (RubyGems) Oct 24, 2017
tdunlap607 levpachmanov
actionpack Cross-site Scripting vulnerability Moderate
CVE-2012-3465 was published for actionpack (RubyGems) Oct 24, 2017
ShayAry levpachmanov
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database