GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
9,235 advisories
Apache Ambari XML External Entity injection
Moderate
CVE-2023-50380
was published
for
org.apache.ambari.contrib.views:wfmanager
(Maven)
Feb 27, 2024
pimcore/customer-data-framework vulnerable to SQL Injection
Moderate
CVE-2024-11956
was published
for
pimcore/customer-management-framework-bundle
(Composer)
Jan 28, 2025
imgproxy is vulnerable to SSRF against 0.0.0.0
Moderate
CVE-2025-24354
was published
for
github.com/imgproxy/imgproxy
(Go)
Jan 27, 2025
Opening a malicious website while running a Nuxt dev server could allow read-only access to code
Moderate
CVE-2025-24361
was published
for
@nuxt/rspack-builder
(npm)
Jan 27, 2025
Opening a malicious website while running a Nuxt dev server could allow read-only access to code
Moderate
CVE-2025-24360
was published
for
@nuxt/vite-builder
(npm)
Jan 27, 2025
Spring Framework has Authorization Bypass for Case Sensitive Comparisons
Moderate
CVE-2024-38827
was published
for
org.springframework.security:spring-security-core
(Maven)
Dec 2, 2024
Apache Commons Compress: Denial of service caused by an infinite loop for a corrupted DUMP file
Moderate
CVE-2024-25710
was published
for
org.apache.commons:commons-compress
(Maven)
Feb 19, 2024
Potential XSS vulnerability in jQuery
Moderate
CVE-2020-11023
was published
for
jQuery
(RubyGems)
Apr 29, 2020
ProTip!
Advisories are also available from the
GraphQL API