GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
294,076 advisories
WEBrick Improper Input Validation vulnerability
Moderate
CVE-2009-4492
was published
for
webrick
(RubyGems)
Oct 24, 2017
Cross-site Scripting vulnerability in i18n translations helper method
Moderate
CVE-2011-4319
was published
for
actionpack
(RubyGems)
Oct 24, 2017
Rails activerecord gem has Improper Input Validation vulnerability
Moderate
CVE-2010-3933
was published
for
activerecord
(RubyGems)
Oct 24, 2017
actionpack Cross-Site Request Forgery vulnerability
Moderate
CVE-2011-0447
was published
for
actionpack
(RubyGems)
Oct 24, 2017
Improper Input Validation in actionpack
Moderate
CVE-2008-7248
was published
for
actionpack
(RubyGems)
Oct 24, 2017
Rails ActiveRecord gem vulnerable to SQL injection
High
CVE-2008-4094
was published
for
activerecord
(RubyGems)
Oct 24, 2017
rails Cross-site Scripting vulnerability
Moderate
CVE-2011-2197
was published
for
actionpack
(RubyGems)
Oct 24, 2017
actionpack and activesupport vulnerable to information leaks
Moderate
CVE-2009-3086
was published
for
actionpack
(RubyGems)
Oct 24, 2017
Rails actionpack gem vulnerable to Cross-site Scripting
Moderate
CVE-2011-0446
was published
for
actionpack
(RubyGems)
Oct 24, 2017
RuboCop gem Insecure use of /tmp
Low
CVE-2017-8418
was published
for
rubocop
(RubyGems)
Nov 15, 2017
keycloak-connect and keycloak-js improperly handle invalid tokens
Critical
CVE-2017-7474
was published
for
keycloak-connect
(npm)
Nov 15, 2017
ProTip!
Advisories are also available from the
GraphQL API