GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
429 advisories
Possible Log Injection in Rack::CommonLogger
Moderate
CVE-2025-25184
was published
for
rack
(RubyGems)
Feb 12, 2025
gRPC connection termination issue
Moderate
CVE-2023-32732
was published
for
grpc
(RubyGems)
Jul 6, 2023
Possible Information Leak / Session Hijack Vulnerability in Rack
Moderate
CVE-2019-16782
was published
for
rack
(RubyGems)
Dec 18, 2019
Possible DoS by memory exhaustion in net-imap
Moderate
CVE-2025-25186
was published
for
net-imap
(RubyGems)
Feb 10, 2025
Potential XSS vulnerability in jQuery
Moderate
CVE-2020-11023
was published
for
components/jquery
(RubyGems)
Apr 29, 2020
Potential XSS vulnerability in jQuery
Moderate
CVE-2020-11022
was published
for
athlon1600/youtube-downloader
(RubyGems)
Apr 29, 2020
Bootstrap Cross-Site Scripting (XSS) vulnerability
Moderate
CVE-2024-6484
was published
for
bootstrap
(RubyGems)
Jul 11, 2024
Action Pack contains database-query restrictions bypass
Moderate
CVE-2012-2660
was published
for
actionpack
(RubyGems)
Oct 24, 2017
actionpack Improper Authentication vulnerability
Moderate
CVE-2012-3424
was published
for
actionpack
(RubyGems)
Oct 24, 2017
activesupport Cross-site Scripting vulnerability
Moderate
CVE-2012-3464
was published
for
activesupport
(RubyGems)
Oct 24, 2017
actionpack Cross-site Scripting vulnerability
Moderate
CVE-2012-3465
was published
for
actionpack
(RubyGems)
Oct 24, 2017
actionpack allows remote attackers to bypass database-query restrictions, perform NULL checks via crafted request
Moderate
CVE-2012-2694
was published
for
actionpack
(RubyGems)
Oct 24, 2017
Cross site scripting in actionpack Rubygem
Moderate
CVE-2011-1497
was published
for
actionpack
(RubyGems)
Apr 22, 2022
ProTip!
Advisories are also available from the
GraphQL API