GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
9,254 advisories
imgproxy is vulnerable to SSRF against 0.0.0.0
Moderate
CVE-2025-24354
was published
for
github.com/imgproxy/imgproxy
(Go)
Jan 27, 2025
Opening a malicious website while running a Nuxt dev server could allow read-only access to code
Moderate
CVE-2025-24361
was published
for
@nuxt/rspack-builder
(npm)
Jan 27, 2025
Opening a malicious website while running a Nuxt dev server could allow read-only access to code
Moderate
CVE-2025-24360
was published
for
@nuxt/vite-builder
(npm)
Jan 27, 2025
Directus allows privilege escalation using Share feature
Moderate
CVE-2025-24353
was published
for
directus
(npm)
Jan 23, 2025
DoS in Cilium agent DNS proxy from crafted DNS responses
Moderate
CVE-2025-23028
was published
for
github.com/cilium/cilium
(Go)
Jan 22, 2025
XSS/HTML Injection Vulnerability in Umbraco Preview Badge
Moderate
GHSA-69cg-w8vm-h229
was published
for
Umbraco.Cms
(NuGet)
Jan 21, 2025
MathLive's Lack of Escaping of HTML allows for XSS
Moderate
GHSA-qwj6-q94f-8425
was published
for
mathlive
(npm)
Jan 21, 2025
Missing validation of header name and value in codeigniter4/framework
Moderate
CVE-2025-24013
was published
for
codeigniter4/framework
(Composer)
Jan 21, 2025
gix-worktree-state nonexclusive checkout sets executable files world-writable
Moderate
CVE-2025-22620
was published
for
gix-worktree-state
(Rust)
Jan 21, 2025
Use of Insufficiently Random Values in undici
Moderate
CVE-2025-22150
was published
for
undici
(npm)
Jan 21, 2025
ProTip!
Advisories are also available from the
GraphQL API