GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
965 advisories
Ruby SAML allows remote Denial of Service (DoS) with compressed SAML responses
High
CVE-2025-25293
was published
for
ruby-saml
(RubyGems)
Mar 12, 2025
graphql allows remote code execution when loading a crafted GraphQL schema
Critical
CVE-2025-27407
was published
for
graphql
(RubyGems)
Mar 12, 2025
Local File Inclusion in Rack::Static
High
CVE-2025-27610
was published
for
rack
(RubyGems)
Mar 10, 2025
Escape Sequence Injection vulnerability in Rack lead to Possible Log Injection
Moderate
CVE-2025-27111
was published
for
rack
(RubyGems)
Mar 4, 2025
URI allows for userinfo Leakage in URI#join, URI#merge, and URI#+
Low
CVE-2025-27221
was published
for
uri
(RubyGems)
Mar 3, 2025
Possible Log Injection in Rack::CommonLogger
Moderate
CVE-2025-25184
was published
for
rack
(RubyGems)
Feb 12, 2025
Possible DoS by memory exhaustion in net-imap
Moderate
CVE-2025-25186
was published
for
net-imap
(RubyGems)
Feb 10, 2025
decidim-meetings Cross-site scripting vulnerability in the online or hybrid meeting embeds
Moderate
CVE-2024-45594
was published
for
decidim-meetings
(RubyGems)
Nov 13, 2024
Decidim-Awesome has SQL injection in AdminAccountability
High
CVE-2024-43415
was published
for
decidim-decidim_awesome
(RubyGems)
Nov 12, 2024
ProTip!
Advisories are also available from the
GraphQL API