GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
10,350 advisories
The SafeHtml annotation in Hibernate-Validator does not properly guard against XSS attacks
Moderate
CVE-2019-10219
was published
for
org.hibernate.validator:hibernate-validator
(Maven)
Jan 8, 2020
uptrace pgdriver SQL injection vulnerability
Moderate
CVE-2024-44906
was published
for
github.com/uptrace/bun/driver/pgdriver
(Go)
Jun 12, 2025
Nimbus JOSE + JWT is vulnerable to DoS attacks when processing deeply nested JSON
Moderate
CVE-2025-53864
was published
for
com.nimbusds:nimbus-jose-jwt
(Maven)
Jul 11, 2025
Regular Expression Denial of Service (ReDoS) in lodash
Moderate
CVE-2019-1010266
was published
for
lodash
(RubyGems)
Jul 19, 2019
Prototype Pollution in lodash
Moderate
CVE-2018-3721
was published
for
lodash
(RubyGems)
Jul 26, 2018
Regular Expression Denial of Service (ReDoS) in lodash
Moderate
CVE-2020-28500
was published
for
lodash
(RubyGems)
Jan 6, 2022
Craft CMS has a theoretical bypass for CVE-2025-23209
Moderate
CVE-2025-54417
was published
for
craftcms/cms
(Composer)
Aug 8, 2025
uv allows ZIP payload obfuscation through parsing differentials
Moderate
CVE-2025-54368
was published
for
uv
(pip)
Aug 7, 2025
ProTip!
Advisories are also available from the
GraphQL API