GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
427 advisories
Nokogiri::XML::Schema trusts input by default, exposing risk of XXE vulnerability
Moderate
CVE-2020-26247
was published
for
nokogiri
(RubyGems)
Dec 30, 2020
Possible timing attack in derivation_endpoint
Moderate
CVE-2020-15237
was published
for
shrine
(RubyGems)
Oct 5, 2020
Cross-Site Scripting in jquery
Moderate
CVE-2012-6708
was published
for
jQuery
(RubyGems)
Sep 1, 2020
Field Test CSRF vulnerability
Moderate
CVE-2020-16252
was published
for
field_test
(RubyGems)
Aug 5, 2020
Ability to change order address without triggering address validations in solidus
Moderate
CVE-2020-15109
was published
for
solidus_api
(RubyGems)
Aug 4, 2020
Cross-Site Scripting in Kaminari
Moderate
CVE-2020-11082
was published
for
kaminari
(RubyGems)
May 28, 2020
Cross-Site Scripting in jquery
Moderate
CVE-2020-7656
was published
for
jQuery
(RubyGems)
May 20, 2020
Potential XSS vulnerability in jQuery
Moderate
CVE-2020-11023
was published
for
components/jquery
(RubyGems)
Apr 29, 2020
Potential XSS vulnerability in jQuery
Moderate
CVE-2020-11022
was published
for
athlon1600/youtube-downloader
(RubyGems)
Apr 29, 2020
Cross site scripting vulnerability in ActionView
Moderate
CVE-2020-5267
was published
for
actionview
(RubyGems)
Mar 19, 2020
Denial of Service in uap-core when processing crafted User-Agent strings
Moderate
CVE-2020-5243
was published
for
uap-core
(RubyGems)
Feb 20, 2020
ProTip!
Advisories are also available from the
GraphQL API