GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
28,808 advisories
NocoDB Vulnerable to Reflected Cross-Site Scripting on Reset Password Page
Moderate
CVE-2025-27506
was published
for
nocodb
(npm)
Mar 6, 2025
Emissary May Use a Broken or Risky Cryptographic Algorithm
High
CVE-2025-27508
was published
for
gov.nsa.emissary:emissary
(Maven)
Mar 5, 2025
Jinja2 vulnerable to sandbox breakout through attr filter selecting format method
Moderate
CVE-2025-27516
was published
for
Jinja2
(pip)
Mar 5, 2025
Volt Allows RCE Via User-Crafted Requests
Critical
CVE-2025-27517
was published
for
livewire/volt
(Composer)
Mar 5, 2025
Laravel has a File Validation Bypass
Moderate
CVE-2025-27515
was published
for
laravel/framework
(Composer)
Mar 5, 2025
REDAXO allows Authenticated Reflected Cross Site Scripting - packages installation
Moderate
CVE-2025-27412
was published
for
redaxo/source
(Composer)
Mar 5, 2025
OpenDJ Denial of Service (DoS) using alias loop
High
CVE-2025-27497
was published
for
org.openidentityplatform.opendj:opendj-server-legacy
(Maven)
Mar 5, 2025
REDAXO allows Arbitrary File Upload in the mediapool page
Moderate
CVE-2025-27411
was published
for
redaxo/source
(Composer)
Mar 5, 2025
Lucee RCE/XXE Vulnerability
Critical
CVE-2023-38693
was published
for
org.lucee:lucee
(Maven)
Mar 5, 2025
In-memory stored Cross-site scripting (XSS) vulnerability in pineconesim
Moderate
CVE-2025-27155
was published
for
github.com/matrix-org/pinecone
(Go)
Mar 4, 2025
IDOR Vulnerabilities in ZITADEL's Admin API that Primarily Impact LDAP Configurations
Critical
CVE-2025-27507
was published
for
github.com/zitadel/zitadel
(Go)
Mar 4, 2025
Escape Sequence Injection vulnerability in Rack lead to Possible Log Injection
Moderate
CVE-2025-27111
was published
for
rack
(RubyGems)
Mar 4, 2025
URI allows for userinfo Leakage in URI#join, URI#merge, and URI#+
Low
CVE-2025-27221
was published
for
uri
(RubyGems)
Mar 3, 2025
ProTip!
Advisories are also available from the
GraphQL API