GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
28,209 advisories
activeadmin vulnerable to stored persistent cross-site scripting (XSS) in dynamic form legends
High
CVE-2024-37031
was published
for
activeadmin
(RubyGems)
Jun 2, 2024
Unsafe Reflection in base Component class in yiisoft/yii2
High
CVE-2024-4990
was published
for
yiisoft/yii2
(Composer)
Jun 2, 2024
Decompressors can crash the JVM and leak memory content in Aircompressor
High
CVE-2024-36114
was published
for
io.airlift:aircompressor
(Maven)
Jun 2, 2024
ip SSRF improper categorization in isPublic
High
CVE-2024-29415
was published
for
ip
(npm)
Jun 2, 2024
Improper Handling of Insufficient Permissions in `wagtail.contrib.settings`
Moderate
CVE-2024-35228
was published
for
wagtail
(pip)
Jun 2, 2024
Slack integration leaks sensitive information in logs
Low
CVE-2024-35196
was published
for
sentry
(pip)
Jun 2, 2024
Sensitive Data Disclosure Vulnerability in Connection Configuration Endpoints
Moderate
CVE-2024-35189
was published
for
ethyca-fides
(pip)
Jun 2, 2024
Reflected Cross-site Scripting in yiisoft/yii2 Debug mode
Moderate
CVE-2024-32877
was published
for
yiisoft/yii2
(Composer)
Jun 2, 2024
Moodle Authenticated LFI risk in some misconfigured shared hosting environments
High
CVE-2024-34005
was published
for
moodle/moodle
(Composer)
May 31, 2024
ProTip!
Advisories are also available from the
GraphQL API