GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
9,416 advisories
Envoy Gateway Log Injection Vulnerability
Moderate
CVE-2025-25294
was published
for
github.com/envoyproxy/gateway
(Go)
Mar 6, 2025
NocoDB Vulnerable to Reflected Cross-Site Scripting on Reset Password Page
Moderate
CVE-2025-27506
was published
for
nocodb
(npm)
Mar 6, 2025
Jinja2 vulnerable to sandbox breakout through attr filter selecting format method
Moderate
CVE-2025-27516
was published
for
Jinja2
(pip)
Mar 5, 2025
Laravel has a File Validation Bypass
Moderate
CVE-2025-27515
was published
for
laravel/framework
(Composer)
Mar 5, 2025
REDAXO allows Authenticated Reflected Cross Site Scripting - packages installation
Moderate
CVE-2025-27412
was published
for
redaxo/source
(Composer)
Mar 5, 2025
REDAXO allows Arbitrary File Upload in the mediapool page
Moderate
CVE-2025-27411
was published
for
redaxo/source
(Composer)
Mar 5, 2025
In-memory stored Cross-site scripting (XSS) vulnerability in pineconesim
Moderate
CVE-2025-27155
was published
for
github.com/matrix-org/pinecone
(Go)
Mar 4, 2025
Escape Sequence Injection vulnerability in Rack lead to Possible Log Injection
Moderate
CVE-2025-27111
was published
for
rack
(RubyGems)
Mar 4, 2025
AEADs/ascon-aead: Plaintext exposed in decrypt_in_place_detached even on tag verification failure
Moderate
CVE-2025-27498
was published
for
ascon_aead
(Rust)
Mar 3, 2025
Security Update for the OPC UA .NET Standard Stack
Moderate
CVE-2024-42512
was published
for
OPCFoundation.NetStandard.Opc.Ua.Core
(NuGet)
Mar 3, 2025
Security Update for the OPC UA .NET Standard Stack
Moderate
CVE-2024-42513
was published
for
OPCFoundation.NetStandard.Opc.Ua.Bindings.Https
(NuGet)
Mar 3, 2025
Picklescan Allows Remote Code Execution via Malicious Pickle File Bypassing Static Analysis
Moderate
CVE-2025-1716
was published
for
picklescan
(pip)
Mar 3, 2025
ProTip!
Advisories are also available from the
GraphQL API