GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
10 advisories
Mobile Security Framework (MobSF) has a SSRF Vulnerability fix bypass on assetlinks_check with DNS Rebinding
Moderate
CVE-2025-31116
was published
for
mobsf
(pip)
Mar 31, 2025
MindsDB Vulnerable to Bypass of SSRF Protection with DNS Rebinding
High
CVE-2024-24759
was published
for
mindsdb
(pip)
Sep 5, 2024
rack-contrib vulnerable to Denial of Service due to the unconstrained value of the incoming "profiler_runs" parameter
High
CVE-2024-35231
was published
for
rack-contrib
(RubyGems)
May 28, 2024
Malicious Long Unicode filenames may cause a Multiple Application-level Denial of Service
Critical
CVE-2024-32874
was published
for
frigate
(pip)
May 9, 2024
ewen-lbh/ffcss Late-Unicode normalization vulnerability
Moderate
CVE-2023-52081
was published
for
github.com/ewen-lbh/ffcss
(Go)
Dec 28, 2023
jcvi vulnerable to Configuration Injection due to unsanitized user input
High
CVE-2023-35932
was published
for
jcvi
(pip)
Jun 23, 2023
mindsdb arbitrary file write when extracting a remotely retrieved Tarball
High
CVE-2023-30620
was published
for
mindsdb
(pip)
Mar 30, 2023
Arbitrary file write in mindsdb when Extracting Tarballs retrieved from a remote location
Moderate
CVE-2022-23522
was published
for
mindsdb
(pip)
Mar 30, 2023
GuardDog vulnerable to arbitrary file write when scanning a specially-crafted remote PyPI package
Low
CVE-2022-23530
was published
for
guarddog
(pip)
Dec 5, 2022
Path Traversal in Git HTTP endpoints in Gogs
High
CVE-2022-1993
was published
for
gogs.io/gogs
(Go)
Jun 8, 2022
ProTip!
Advisories are also available from the
GraphQL API