GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
9,257 advisories
Potential XSS vulnerability in jQuery
Moderate
CVE-2020-11023
was published
for
components/jquery
(RubyGems)
Apr 29, 2020
Potential XSS vulnerability in jQuery
Moderate
CVE-2020-11022
was published
for
athlon1600/youtube-downloader
(RubyGems)
Apr 29, 2020
Bootstrap Cross-Site Scripting (XSS) vulnerability
Moderate
CVE-2024-6484
was published
for
bootstrap
(RubyGems)
Jul 11, 2024
Werkzeug safe_join not safe on Windows
Moderate
CVE-2024-49766
was published
for
Werkzeug
(pip)
Oct 25, 2024
Juju controller - Arbitrary file reading vulnerability
Moderate
CVE-2023-0092
was published
for
github.com/juju/juju
(Go)
Mar 1, 2023
Kubewarden-Controller information leak via AdmissionPolicyGroup Resource
Moderate
CVE-2025-24784
was published
for
github.com/kubewarden/kubewarden-controller
(Go)
Jan 30, 2025
KubeWarden's AdmissionPolicy and AdmissionPolicyGroup policies can be used to alter PolicyReport resources
Moderate
CVE-2025-24376
was published
for
github.com/kubewarden/kubewarden-controller
(Go)
Jan 30, 2025
Argo CD does not scrub secret values from patch errors
Moderate
CVE-2025-23216
was published
for
github.com/argoproj/argo-cd/v2
(Go)
Jan 30, 2025
Argo CD GitOps Engine does not scrub secret values from patch errors
Moderate
GHSA-274v-mgcv-cm8j
was published
for
github.com/argoproj/gitops-engine
(Go)
Jan 30, 2025
Twig security issue where escaping was missing when using null coalesce operator
Moderate
CVE-2025-24374
was published
for
twig/twig
(Composer)
Jan 29, 2025
Erroneous Proof of Work calculation in geth
Moderate
CVE-2020-26240
was published
for
github.com/ethereum/go-ethereum
(Go)
Jun 29, 2021
Shallow copy bug in geth
Moderate
CVE-2020-26241
was published
for
github.com/ethereum/go-ethereum
(Go)
Jun 29, 2021
ProTip!
Advisories are also available from the
GraphQL API