GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
4,123 advisories
Vite bypasses server.fs.deny when using ?raw??
Moderate
CVE-2025-30208
was published
for
vite
(npm)
Mar 25, 2025
Duplicate Advisory: Code injection in Directus
Moderate
GHSA-qf6h-p3mr-vmh5
was published
for
directus
(npm)
Aug 15, 2024
•
withdrawn
Parse Server has an OAuth login vulnerability
Moderate
CVE-2025-30168
was published
for
parse-server
(npm)
Mar 21, 2025
Nuxt allows DOS via cache poisoning with payload rendering response
High
CVE-2025-27415
was published
for
nuxt
(npm)
Mar 19, 2025
Prototype Pollution Vulnerability in parse-git-config
High
CVE-2025-25975
was published
for
parse-git-config
(npm)
Mar 12, 2025
Fast-JWT Improperly Validates iss Claims
Moderate
CVE-2025-30144
was published
for
fast-jwt
(npm)
Mar 19, 2025
Duplicate Advisory: Improper access control in Directus
Moderate
GHSA-q83v-hq3j-4pq3
was published
for
directus
(npm)
Aug 15, 2024
•
withdrawn
@zag-js/core prototype pollution
High
CVE-2024-57079
was published
for
@zag-js/core
(npm)
Feb 6, 2025
canvg Prototype Pollution vulnerability
High
CVE-2025-25977
was published
for
canvg
(npm)
Mar 10, 2025
xml-crypto Vulnerable to XML Signature Verification Bypass via DigestValue Comment
Critical
CVE-2025-29775
was published
for
xml-crypto
(npm)
Mar 14, 2025
xml-crypto Vulnerable to XML Signature Verification Bypass via Multiple SignedInfo References
Critical
CVE-2025-29774
was published
for
xml-crypto
(npm)
Mar 14, 2025
ProTip!
Advisories are also available from the
GraphQL API