Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
50
GitHub Actions
50
Go
3,673
Maven
5,000+
npm
5,000+
NuGet
932
pip
4,891
Pub
13
RubyGems
1,051
Rust
1,315
Swift
53
Unreviewed advisories
All unreviewed
5,000+

8 advisories

Loading
External Control of File Name or Path in h2oai/h2o-3 Critical
CVE-2023-6569 was published for h2o (pip) Dec 14, 2023
RainSignal Credited to RainSignal
pimcore/admin-ui-classic-bundle Unverified Password Change Moderate
CVE-2023-5844 was published for pimcore/admin-ui-classic-bundle (Composer) Oct 31, 2023
Th3l0newolf Credited to Th3l0newolf and RainSignal RainSignal RainSignal
Incorrect Authorization in Apache Solr Moderate
CVE-2018-11802 was published for org.apache.solr:solr-core (Maven) Feb 9, 2022
RainSignal Credited to RainSignal
corenlp is vulnerable to Improper Restriction of XML External Entity Reference Critical
CVE-2022-0239 was published for edu.stanford.nlp:stanford-corenlp (Maven) Jan 21, 2022
RainSignal Credited to RainSignal
Server-Side Request Forgery (SSRF) in org.apache.solr:solr-core High
CVE-2017-3164 was published for org.apache.solr:solr-core (Maven) Mar 14, 2019
RainSignal Credited to RainSignal
http vulnerable to Exposure of Sensitive Information to an Unauthorized Actor Moderate
CVE-2015-1828 was published for http (RubyGems) Mar 13, 2018
RainSignal Credited to RainSignal
activerecord vulnerable to SQL Injection High
CVE-2011-2930 was published for activerecord (RubyGems) Oct 24, 2017
RainSignal Credited to RainSignal
activesupport Cross-site Scripting vulnerability Moderate
CVE-2015-3226 was published for activesupport (RubyGems) Oct 24, 2017
RainSignal Credited to RainSignal
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database