GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
2,517 advisories
Envoy Gateway Log Injection Vulnerability
Moderate
CVE-2025-25294
was published
for
github.com/envoyproxy/gateway
(Go)
Mar 6, 2025
In-memory stored Cross-site scripting (XSS) vulnerability in pineconesim
Moderate
CVE-2025-27155
was published
for
github.com/matrix-org/pinecone
(Go)
Mar 4, 2025
Goroutine Leak in Abacus SSE Implementation
High
CVE-2025-27421
was published
for
github.com/jasonlovesdoggo/abacus
(Go)
Mar 3, 2025
IDOR Vulnerabilities in ZITADEL's Admin API that Primarily Impact LDAP Configurations
Critical
CVE-2025-27507
was published
for
github.com/zitadel/zitadel
(Go)
Mar 4, 2025
Karmada PULL Mode Cluster Privilege Escalation
High
CVE-2024-56513
was published
for
github.com/karmada-io/karmada
(Go)
Jan 3, 2025
cheqd-node Security patch for upstream vulnerabilities in IBC-Go (ISA-2025-001) and Cosmos SDK (ISA-2025-002)
Critical
GHSA-h2rp-8vpx-q9r4
was published
for
github.com/cheqd/cheqd-node
(Go)
Mar 13, 2025
LF Edge eKuiper allows Stored XSS in Rules Functionality
Moderate
CVE-2024-52812
was published
for
github.com/lf-edge/ekuiper
(Go)
Mar 10, 2025
Plenti - Code Injection - Denial of Services
Moderate
CVE-2025-26260
was published
for
github.com/plentico/plenti
(Go)
Feb 5, 2025
cheqd-node affected by Non-deterministic JSON Unmarshalling of IBC Acknowledgement
Critical
GHSA-33cr-m232-xqch
was published
for
github.com/cheqd/cheqd-node
(Go)
Mar 11, 2025
Grafana Command Injection And Local File Inclusion Via Sql Expressions
Critical
CVE-2024-9264
was published
for
github.com/grafana/grafana
(Go)
Oct 18, 2024
Fleet has SAML authentication vulnerability due to improper SAML response validation
Critical
CVE-2025-27509
was published
for
github.com/fleetdm/fleet/v4
(Go)
Mar 6, 2025
Non-linear parsing of case-insensitive content in golang.org/x/net/html
High
CVE-2024-45338
was published
for
golang.org/x/net/html
(Go)
Dec 18, 2024
ProTip!
Advisories are also available from the
GraphQL API